Researchers Uncover Espionage Tactics of China-Based APT Groups in Southeast Asia

A suspected China-based threat actor has been linked to a series of cyber attacks targeting high-profile organizations in Southeast Asia since at least October 2023. The espionage campaign targeted organizations in various sectors spanning government ministries in two different countries, an air...

Malicious code in peritter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e928152262a15c3663758b7d61ee855e89db1870d95ba6587ad86d367841c476 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

PT-2024-36555 · Unknown · Mailcleaner

Name of the Vulnerable Software and Affected Versions: MailCleaner versions before 28d913e Description: The issue concerns default values of ssh host dsa key, ssh host rsa key, and ssh host ed25519 key that persist after installation. Recommendations: For versions before 28d913e, update to a...

CVE-2024-54001

CVE-2024-54001 affects Kanboard: HTML can be injected via settings fields application_language, application_date_format, application_timezone, and application_time_format, reflected to users and potentially executed as XSS if input contains JavaScript that bypasses CSP. Root cause is unescaped us...

Malicious code in codat-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 15d6ef87bdf4981301dbd1430d57248ad6a9606733d297f570edc7d22cf495c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in distdiscord-v11 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b003b8e11ce73b0dd1259da43ba682eb4a34b0ac0d4b48559af5bc6489c216be Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries

The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast Asian telecommunications companies. Trend Micro, which described the hacking group as an aggressive advanced persistent...

CVE-2024-23944

A flaw was found in the Apache Zookeeper package. Affected versions of this package are vulnerable to Information Exposure due to a missing ACL check in the handling of persistent watchers. An attacker can monitor child znodes by attaching a persistent watcher addWatch command to a parent node th...

Malicious code in electurm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware efaea8e17d6dafe53e1047516e2be119bfd7d216f4d572a6de16d7bc1b164861 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Advanced threat predictions for 2025

We at Kaspersky's Global Research and Analysis Team monitor over 900 APT advanced persistent threat groups and operations. At the end of each year, we take a step back to assess the most complex and sophisticated attacks that have shaped the threat landscape. These insights enable us to anticipat...

CVE-2024-7236 AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability

AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the...

SEH utnserver Pro 20.1.22 Cross Site Scripting

St. Pölten UAS 20241118-0 ------------------------------------------------------------------------------- title| Multiple Stored Cross-Site Scripting product| SEH utnserver Pro vulnerable version| 20.1.22 fixed version| 20.1.35 CVE number| CVE-2024-11304 impact| High homepage|...

bubblewrap and flatpak security update

An update is available for bubblewrap. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Bubblewrap /usr/bin/bwrap is a core execution engine for unprivileged...

Important: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.3.4 security and bug fix update

OpenShift API for Data Protection OADP 1.3.4 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

CVE-2024-50355 LibreNMS has a Persistent XSS from Insecure Input Sanitization Affects Multiple Endpoints

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can edit the Display Name of a device, the application did not properly sanitize the user input in the device Display Name, if java script code is inside the name of the device Display Name, its can b...

CVE-2024-50355 LibreNMS has a Persistent XSS from Insecure Input Sanitization Affects Multiple Endpoints

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can edit the Display Name of a device, the application did not properly sanitize the user input in the device Display Name, if java script code is inside the name of the device Display Name, its can b...

LibreNMS has a Persistent XSS from Insecure Input Sanitization Affects Multiple Endpoints

Summary The application fail to sanitising inputs properly and rendering the code from user input to browser which allow an attacker to execute malicious javascript code. Details User with Admin role can edit the Display Name of a device, the application did not properly sanitize the user input i...

GHSA-4M5R-W2RQ-Q54Q LibreNMS has a Persistent XSS from Insecure Input Sanitization Affects Multiple Endpoints

Summary The application fail to sanitising inputs properly and rendering the code from user input to browser which allow an attacker to execute malicious javascript code. Details User with Admin role can edit the Display Name of a device, the application did not properly sanitize the user input i...

UBUNTU-CVE-2024-36275

NULL pointer dereference in some IntelR OptaneTM PMem Management software versions before CRMGMT02.00.00.4040, CRMGMT03.00.00.0499 may allow a authenticated user to potentially enable denial of service via local access...

Intel Optane PMem Management 安全漏洞

Intel Optane PMem Management is a memory technology from Intel Corporation USA. A security vulnerability exists in Intel Optane PMem Management that originates from a null pointer dereference. An attacker exploiting this vulnerability could cause a system denial of service...