ISPM + ITDR: Proactive Cyber Defense in the AI Era
In the ever-evolving landscape of cybersecurity, staying ahead of malicious actors requires a multifaceted approach...
Summary of Vulnerabilities, Actors & Attacks: April 2024
...
Cross-Site Request Forgery (CSRF)
anchorcms/anchor-cms is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is caused by insufficient validation of requests, allowing malicious actors to forge requests and execute unauthorized actions on behalf of authenticated users...
Command Injection
FontForge is vulnerable to Command Injection. The vulnerability is due to insufficient input validation, which enables malicious actors to manipulate filenames in a way that triggers the execution of unintended commands...
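The filename-driven command injection this entry describes is a general pattern, so the following added example (not FontForge's code) contrasts the two ways a tool typically hands a user-controlled filename to an external program. The converter it invokes is a hypothetical stand-in: the Python interpreter printing the argument it received, so the example runs offline and the child's view of its arguments is visible. The malicious filename is constructed for the demonstration.

```python
import re
import shlex
import subprocess
import sys

# Hypothetical stand-in for an external converter tool: the Python interpreter
# printing the first argument it received. Using it keeps the example runnable
# anywhere and shows exactly which argv the child process saw.
CONVERTER_ARGV = [sys.executable, "-c", "import sys; print(sys.argv[1])"]

# Constructed malicious filename: looks like a font file, carries a second command.
MALICIOUS_NAME = "font.ttf; echo INJECTED"


def unsafe_convert(filename: str) -> str:
    """Vulnerable pattern: splice the filename into a shell command string.

    /bin/sh interprets ';', '|', '$(...)' and backticks inside the name, so a
    crafted filename runs additional commands. Returns the child's stdout.
    """
    cmd = " ".join(shlex.quote(a) for a in CONVERTER_ARGV) + " " + filename
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def safe_convert(filename: str) -> str:
    """Hardened pattern: no shell at all; the filename is a single argv element.

    Metacharacters reach the tool as literal bytes of the name, nothing more.
    """
    return subprocess.run(CONVERTER_ARGV + [filename], capture_output=True, text=True).stdout


def is_safe_filename(name: str) -> bool:
    """Defense in depth: allow only a conservative character set for names that
    are handed to external tools (no separators, whitespace or shell syntax)."""
    return re.fullmatch(r"[A-Za-z0-9][A-Za-z0-9._-]*", name) is not None


if __name__ == "__main__":
    print("shell string:", repr(unsafe_convert(MALICIOUS_NAME)))  # the injected echo ran
    print("argv list:   ", repr(safe_convert(MALICIOUS_NAME)))    # the name is printed verbatim
    print("allow-listed?", is_safe_filename(MALICIOUS_NAME))
```

With the shell-string variant the child prints only `font.ttf` and a second command runs afterwards; with the argv-list variant the whole string is delivered as one argument and nothing else executes. The allow-list is a second layer, useful when the downstream tool itself may invoke a shell.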
BIT-NODE-2023-32005
A vulnerability has been identified in Node.js version 20, affecting users of the experimental permission model when the --allow-fs-read flag is used with a non-* argument. This flaw arises from an inadequate permission model that fails to restrict file stats through the fs.statfs API. As a result...
BIT-OAUTH2-PROXY-2020-4037 Open Redirect in OAuth2 Proxy
In OAuth2 Proxy from version 5.1.1 and less than version 6.0.0, users can provide a redirect address for the proxy to send the authenticated user to at the end of the authentication flow. This is expected to be the original URL that the user was trying to access. This redirect URL is checked with...
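A post-authentication redirect parameter is the classic open-redirect sink. The added example below (not OAuth2 Proxy's code, and making no claim about how that project's check was written) shows a validator that accepts only a path on the current origin and rejects the forms browsers resolve to another host, including the scheme-relative and backslash variants that naive "starts with /" checks miss. The function names and probe URLs are this example's own.

```python
from urllib.parse import urlsplit


def is_safe_redirect(target: str) -> bool:
    """Return True only if `target` is a path on the current origin.

    Accepts '/app/page?x=1#frag'. Rejects every form a browser could resolve
    to another host: absolute URLs, scheme-relative '//host', backslash
    variants such as '/\\host' (browsers normalise '\\' to '/'), strings with
    control characters (browsers strip tab and newline, so '/\\t/host' turns
    into '//host'), and non-HTTP schemes such as 'javascript:'.
    """
    if not target:
        return False
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in target):
        return False
    if not target.startswith("/"):
        return False
    if target.startswith(("//", "/\\")):
        return False
    if "\\" in target:
        # urlsplit does not treat '\\' as a separator, but browsers do; be strict.
        return False
    parts = urlsplit(target)
    return parts.scheme == "" and parts.netloc == ""


def safe_redirect_target(target: str, fallback: str = "/") -> str:
    """Pick the post-login destination: the requested path if it passes, else fallback."""
    return target if is_safe_redirect(target) else fallback


if __name__ == "__main__":
    # Constructed probes: one legitimate path and several open-redirect shapes.
    for probe in ["/dashboard?tab=1#top", "//evil.example/", "/\\evil.example/",
                  "https://evil.example/", "javascript:alert(1)", "/\t/evil.example"]:
        print(f"{probe!r:28} -> {safe_redirect_target(probe)!r}")
```

The intent is a positive definition of what is allowed (a single leading slash, no authority, no scheme) rather than a blocklist of known hostnames; anything outside that shape falls back to a fixed local page.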
Remote Code Execution (RCE)
Nteract is vulnerable to Remote Code Execution (RCE). The vulnerability is caused by a lack of input validation in the Markdown link parsing functionality, allowing malicious actors to execute arbitrary code remotely...
Design/Logic Flaw
Hoppscotch is an API development ecosystem. Due to a lack of validation for fields such as the Label (Edit Team) / TeamName field, bad actors can send emails with spoofed content that appear to come from Hoppscotch. Part of the payload (an external link) is presented in clickable form, making it easier for malicious actors to achieve their goals. This iss...
Information disclosure
The JetBackup WordPress plugin before 2.0.9.9 doesn't use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files...
CVE-2023-7165 JetBackup < 2.0.9.9 - Directory Listing Exposing Backups
The JetBackup WordPress plugin before 2.0.9.9 doesn't use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files...
CVE-2024-27092
CVE-2024-27092 – Hoppscotch (API development ecosystem) involves a lack of validation for the field pair Label (Edit Team) – TeamName, enabling attackers to send emails with spoofed content presented as Hoppscotch. The issue is documented to affect Hoppscotch prior to the fix and is mitigated by ...
CVE-2024-27092 Content spoofing - real Hoppscotch emails
Hoppscotch is an API development ecosystem. Due to a lack of validation for fields such as the Label (Edit Team) / TeamName field, bad actors can send emails with spoofed content that appear to come from Hoppscotch. Part of the payload (an external link) is presented in clickable form, making it easier for malicious actors to achieve their goals. This iss...
The Anatomy of Trading Bot Scams: Strategies for Secure Investments
By Uzair Amir. In the exciting world of investment, there are malicious actors who peddle trading bot scams, preying on the aspirations of eager investors. This is a post from HackRead.com. Read the original post: The Anatomy of Trading Bot Scams: Strategies for Secure Investments...
JetBackup < 2.0.9.9 - Directory Listing Exposing Backups
Description: The plugin doesn't use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files. A partial fix was released in 2.0.9.6, removing the ability to list the directory but still allowing direct...
Critical RCE Flaw in Atlassian Confluence Sparks Active Exploitation
Summary: CVE-2023-22527 is a critical Remote Code Execution vulnerability in outdated Atlassian Confluence versions, actively exploited by malicious actors. Immediate patching to recommended versions is crucial, as nearly 40,000 exploitation attempts have been recorded within three days of...
Path Traversal
apktool is vulnerable to Path Traversal. The vulnerability is due to Apktool determining the output paths of resource files based on their names. Malicious actors can exploit this by manipulating these names to place files in specific locations on the system where Apktool is executed...
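Deriving an output path from a name taken out of an untrusted archive is the mechanism this entry describes, and the check that closes it is the same for any extractor. The added example below is not Apktool's code (Apktool is a Java project; Python is used here for a runnable illustration). It shows a resolver that filters the name syntactically and then confirms, on the normalised path, that the result lies strictly inside the output directory. The function names and the constructed resource names are this example's own.

```python
import os
from pathlib import PurePosixPath, PureWindowsPath


def resolve_output_path(out_dir: str, resource_name: str) -> str:
    """Return the path under out_dir where an untrusted resource may be written,
    or raise ValueError if the name would escape out_dir.

    resource_name is an archive-style, '/'-separated relative path such as
    'res/drawable/icon.png'. The checks are deliberately redundant: a syntactic
    filter on the name first, then a containment test on the normalised path.
    """
    if not resource_name or "\x00" in resource_name:
        raise ValueError("empty name or NUL byte")
    # Absolute on either platform, including drive-relative 'C:foo' and UNC names.
    win = PureWindowsPath(resource_name)
    if PurePosixPath(resource_name).is_absolute() or win.drive or win.root:
        raise ValueError(f"absolute path not allowed: {resource_name!r}")
    if "\\" in resource_name:
        raise ValueError(f"backslash separators not allowed: {resource_name!r}")
    parts = PurePosixPath(resource_name).parts  # collapses '.' and repeated '/'
    if ".." in parts:
        raise ValueError(f"parent-directory segment not allowed: {resource_name!r}")
    base = os.path.normpath(os.path.abspath(out_dir))
    target = os.path.normpath(os.path.join(base, *parts))
    # Containment: target must be strictly inside base (never base itself).
    if os.path.commonpath([base, target]) != base or target == base:
        raise ValueError(f"escapes output directory: {resource_name!r}")
    return target


def is_safe_resource_name(out_dir: str, resource_name: str) -> bool:
    """Boolean wrapper around resolve_output_path for bulk checks."""
    try:
        resolve_output_path(out_dir, resource_name)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed resource names: one legitimate, the rest traversal attempts.
    for name in ["res/drawable/icon.png", "../../../etc/passwd", "res/../../x",
                 "/etc/passwd", "C:\\Windows\\win.ini", "C:evil", "."]:
        print(f"{name!r:28} -> {is_safe_resource_name('/tmp/out', name)}")
```

The containment test matters even with the `..` filter in place: it also catches names that are absolute only on another platform, and any future change to how names are split. Running the resolver on every entry before any file is opened keeps the extractor from writing outside its output directory.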
CVE-2023-45139
A flaw was found in the subsetting module of FontTools, which contains an XML External Entity Injection (XXE) vulnerability. This flaw allows malicious actors to exploit the parsing of candidate fonts, particularly those with an OT-SVG format that includes an SVG table. Through this vulnerability,...
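FontTools is a Python library, so the added example below is in Python; it is not FontTools' code and does not reproduce that project's parser or fix. It shows the control a subsetter can apply before handing an SVG table to an XML parser: reject any DOCTYPE outright, since a font's SVG table has no legitimate use for a DTD, and the DTD is where external entity declarations live. The `parse_svg_document` helper and both SVG documents are constructed for this example.

```python
import xml.parsers.expat as expat


class DtdNotAllowed(ValueError):
    """Raised when the document carries a DOCTYPE, the prerequisite for XXE."""


def parse_svg_document(data: bytes) -> list:
    """Parse an SVG-table document and return the element names seen, in order.

    Any DOCTYPE aborts the parse before a single entity declaration is read,
    so neither 'file:' reads nor outbound fetches via external entities can
    happen. Parameter-entity expansion is disabled as a second layer.
    """
    parser = expat.ParserCreate()
    seen = []

    def on_doctype(name, sysid, pubid, has_internal_subset):
        raise DtdNotAllowed(f"DOCTYPE {name!r} rejected (SYSTEM id {sysid!r})")

    parser.StartDoctypeDeclHandler = on_doctype
    parser.StartElementHandler = lambda name, attrs: seen.append(name)
    parser.SetParamEntityParsing(expat.XML_PARAM_ENTITY_PARSING_NEVER)
    parser.Parse(data, True)
    return seen


def is_safe_svg(data: bytes) -> bool:
    """True if the document parses without a DOCTYPE; False if it was rejected."""
    try:
        parse_svg_document(data)
        return True
    except DtdNotAllowed:
        return False


# Constructed inputs: a plain SVG table document and one carrying an XXE payload.
BENIGN_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg">'
              b'<g id="glyph1"><path d="M0 0h10v10z"/></g></svg>')
XXE_SVG = (b'<?xml version="1.0"?>'
           b'<!DOCTYPE svg [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>'
           b'<svg xmlns="http://www.w3.org/2000/svg"><text>&xxe;</text></svg>')

if __name__ == "__main__":
    print("benign:", parse_svg_document(BENIGN_SVG))
    print("xxe accepted?", is_safe_svg(XXE_SVG))
```

Refusing the DOCTYPE is simpler and more robust than trying to allow a DTD while blocking only external entities: it removes the whole class of entity-based attacks (external reads, SSRF, and entity-expansion denial of service) from a document type that never needs them.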
How to Not Get Hacked by a QR Code
QR codes can be convenient—but they can also be exploited by malicious actors. Here’s how to protect yourself...