4 matches found
EUVD-2021-8107
Malicious code in bioql PyPI...
SSZipArchive 后置链接漏洞
SSZipArchive is ZipArchive open source a simple utility class . It is used to compress and uncompress files on iOS, macOS and tvOS. A security vulnerability exists in SSZipArchive 2.5.3 and prior versions, which stems from its lack of sanitization of symbolic link paths causing SSZipArchive to...
SquirrelWaffle Loader Malspams, Packs Qakbot, Cobalt Strike
SquirrelWaffle, a new malware loader, is mal-spamming malicious Microsoft Office documents to deliver Qakbot malware and the penetration-testing tool Cobalt Strike – two of the most common threats regularly observed targeting organizations around the world. Cisco Talos researchers said on Tuesday...
Attackers Use Microsoft Office Vulnerabilities to Spread Zyklon Malware
Spam campaigns delivering Zyklon HTTP malware are attempting to exploit three relatively new Microsoft Office vulnerabilities. The attacks are targeting telecommunications, insurance and financial service firms. According to FireEye researchers who identified the campaigns, attackers are attempti...