7612 matches found
Important: Red Hat Security Advisory: RHODF-4.18-RHEL-9 enhancement, bug fix and security update
Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.18.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...
Thousands of WordPress Websites Infected with Malware
The malware includes four separate backdoors: Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed. A unique case we haven't seen before. Which introduces another type of attack made possibly by abusing websites that don't monitor...
FIN7, FIN8, and Others Use Ragnar Loader for Persistent Access and Ransomware Operations
Threat hunters have shed light on a "sophisticated and evolving malware toolkit" called Ragnar Loader that's used by various cybercrime and ransomware groups like Ragnar Locker aka Monstrous Mantis, FIN7, FIN8, and Ruthless Mantis ex-REvil. "Ragnar Loader plays a key role in keeping access to...
PHP-CGI RCE Flaw Exploited in Attacks on Japan's Tech, Telecom, and E-Commerce Sectors
Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025. "The attacker has exploited the vulnerability CVE-2024-4577, a remote code execution RCE flaw in the PHP-CGI implementation of PHP on Windows, to gai...
CLSA-2025-1741291194 flatpak: Fix of CVE-2024-42472
CVE-2024-42472: patch Flatpak to include the new --bind-fd option in bubblewrap to prevent symlink attacks on persistent directories...
Unmasking the new persistent attacks on Japan
Cisco Talos discovered malicious activities conducted by an unknown attacker since as early as January 2025, predominantly targeting organizations in Japan. The attacker has exploited the vulnerability CVE-2024-4577, a remote code execution RCE flaw in the PHP-CGI implementation of PHP on Windows...
Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access
Over 1,000 websites powered by WordPress have been infected with a third-party JavaScript code that injects four separate backdoors. "Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed," c/side researcher Himanshu Anand said in ...
U.S. Charges 12 Chinese Nationals in State-Backed Hacking Operations
The U.S. Department of Justice DoJ has announced charges against 12 Chinese nationals for their alleged participation in a wide-ranging scheme designed to steal data and suppress free speech and dissent globally. The individuals include two officers of the People's Republic of China's PRC Ministr...
Malicious code in totem-project-website (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d8e4f8906dbfdd2a20cc7cd9a3d92b2b079381e8440c9d434a5ad4767dbc176f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Linux Distros Unpatched Vulnerability : CVE-2024-23944
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Information disclosure in persistent watchers handling in Apache ZooKeeper due to missing ACL check. It allows an attacker to monitor child znodes by attaching ...
Malicious code in analyzer_plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 747a848e1740f146ea6c00cc1bcc451280f4685bd6cf84e635361504de761cfe Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Black Basta and Cactus Ransomware Groups Add BackConnect Malware to Their Arsenal
In this blog entry, we discuss how the Black Basta and Cactus ransomware groups utilized the BackConnect malware to maintain persistent control and exfiltrate sensitive data from compromised machines...
Malicious code in mep-widget-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd0595287736afbcd4a5eb42eee88ad6ac547864009d19dfcb6c2ecc108e526c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
SUSE CVE-2025-21778
In the Linux kernel, the following vulnerability has been resolved: tracing: Do not allow mmap of persistent ring buffer When trying to mmap a trace instance buffer that is attached to reservemem, it would crash: BUG: unable to handle page fault for address: ffffe97bd00025c8 PF: supervisor read...
CVE-2025-21778
In the Linux kernel, the following vulnerability has been resolved: tracing: Do not allow mmap of persistent ring buffer When trying to mmap a trace instance buffer that is attached to reservemem, it would crash: BUG: unable to handle page fault for address: ffffe97bd00025c8 PF: supervisor read...
DEBIAN-CVE-2025-21778
In the Linux kernel, the following vulnerability has been resolved: tracing: Do not allow mmap of persistent ring buffer When trying to mmap a trace instance buffer that is attached to reservemem, it would crash: BUG: unable to handle page fault for address: ffffe97bd00025c8 PF: supervisor read...
UBUNTU-CVE-2025-21778
In the Linux kernel, the following vulnerability has been resolved: tracing: Do not allow mmap of persistent ring buffer When trying to mmap a trace instance buffer that is attached to reservemem, it would crash: BUG: unable to handle page fault for address: ffffe97bd00025c8 PF: supervisor read...
CVE-2025-21778
CVE-2025-21778 : In the Linux kernel, a fault occurs when mmap() is used on a trace ring buffer attached to reserve_mem. The mapping relied on virt_to_page() which does not work with vmap’d memory, causing a kernel oops during access. The fix disables mmap() for such persistent ring buffers (rese...
CVE-2025-21778
In the Linux kernel, the following vulnerability has been resolved: tracing: Do not allow mmap of persistent ring buffer When trying to mmap a trace instance buffer that is attached to reservemem, it would crash: BUG: unable to handle page fault for address: ffffe97bd00025c8 PF: supervisor read...
CVE-2025-21778 tracing: Do not allow mmap() of persistent ring buffer
In the Linux kernel, the following vulnerability has been resolved: tracing: Do not allow mmap of persistent ring buffer When trying to mmap a trace instance buffer that is attached to reservemem, it would crash: BUG: unable to handle page fault for address: ffffe97bd00025c8 PF: supervisor read...