WhatsApp on Windows users targeted in new campaign, warns Microsoft

Microsoft researchers found a campaign that abuses WhatsApp attachments to sneak a script onto Windows machines which will lead to the attacker gaining remote control. WhatsApp offers a desktop application for Windows and macOS, which users can synchronize with their mobile devices. Desktop...

RustDesk 安全漏洞

RustDesk is a remote access and control software developed by RustDesk personal developers. It is primarily written in Rust and can be used to maintain computers and other devices remotely. Versions of RustDesk 1.4.5 and earlier contain security vulnerabilities, which stem from permission abuse...

RustDesk 安全漏洞

RustDesk is a remote access and control software developed by RustDesk personal developers. It is primarily written in Rust and can be used to maintain computers and other devices remotely. Versions of RustDesk 1.4.5 and earlier contain security vulnerabilities, which stem from improper certifica...

EUVD-2005-4446

Malware in sbrugna...

SonicWall SMA 100 Series 跨站脚本漏洞

SonicWall SMA 100 Series is a series of remote access software from SonicWall Corporation. A cross-site scripting vulnerability exists in SonicWall SMA 100 Series that originates from reflective cross-site scripting and could lead to arbitrary JavaScript code execution...

The vulnerability of the RemotePC software for providing remote access lies in its insecure management of privileges, allowing attackers to escalate their privileges.

The vulnerability of the RemotePC remote access software is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level...

ConnectWise ScreenConnect < 25.2.4 RCE

According to its version, the ConnectWise ScreenConnect remote access software installed on the remote host is prior to 25.2.4. It is, therefore affected by a remote code execution vulnerability: - ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection...

CVE-2025-1815

A vulnerability, which was classified as critical, was found in pbrong hrms up to 1.0.1. This affects the function HrmsDB of the file \resource\resource.go. The manipulation of the argument usercookie leads to improper authorization. It is possible to initiate the attack remotely. The exploit has...

Advisory ROSA-SA-2025-2705

Software: libjpeg-turbo 1.5.2003 OS: ROSA Virtualization 3.0 packageevrstring: libjpeg-turbo-1.5.2003 CVE-ID: CVE-2020-17541 BDU-ID: 2023-07622 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the Libjpeg-turbo image manipulation library is related to writing beyond buffer boundaries. Exploitatio...

CVE-2024-9644

The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to an authentication bypass vulnerability in the administrative web server. Authentication is not enforced on some administrative functionality when using the "bapply.cgi" endpoint instead of the normal "apply.cgi" endpoint. A remote...

CVE-2021-46656

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits

The Computer Emergency Response Team of Ukraine CERT-UA is warning of ongoing attempts by unknown threat actors to impersonate the cybersecurity agency by sending AnyDesk connection requests. The AnyDesk requests claim to be for conducting an audit to assess the "level of security," CERT-UA added...

ALPHV is singling out healthcare sector, say FBI and CISA

In an updated StopRansomware security advisory, the Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Department of Health and Human Services HHS has warned the healthcare industry about the danger of the ALPHV ransomware group, also known as...

CVE-2023-31069

An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as cleartext within the HTML source code of the login page...

CISA and Partners Release Joint Guide to Securing Remote Access Software

Today, CISA, Federal Bureau of Investigation FBI, the National Security Agency NSA, Multi-State Information Sharing and Analysis Center MS-ISAC, and the Israel National Cyber Directorate INCD released the Guide to Securing Remote Access Software. This new joint guide is the result of a...

CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks

The Computer Emergency Response Team of Ukraine CERT-UA has issued an alert warning of cyber attacks against state authorities in the country that deploy a legitimate remote access software named Remcos. The mass phishing campaign has been attributed to a threat actor it tracks as UAC-0050, with...

The vulnerability of the RealVNC remote access software lies in the ability to execute files located at %TEMP%, as they are owned by the SYSTEM account. This allows attackers to gain higher privileges.

The vulnerability of the RealVNC remote access software is related to the possibility of executing files located at %TEMP% as SYSTEM. Exploiting this vulnerability can allow an attacker to increase their privileges...

Hackers Behind Twilio Breach Also Targeted Cloudflare Employees

Web infrastructure company Cloudflare on Tuesday disclosed at least 76 employees and their family members received text messages on their personal and work phones bearing similar characteristics as that of the sophisticated phishing attack against Twilio. The attack, which transpired around the...

TYPO3 allows remote attackers to obtain the database name via a direct request

The Command Line Interface CLI script in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to obtain the database name via a direct request...

Iranian state-sponsored APT group MuddyWater targeting organizations via malicious executables

THREAT LEVEL: Red. United States Cyber Command USCYBERCOM has warned of an ongoing cyber attack by Iranian state sponsored actor named as MuddyWater. This APT group is currently targeting Middle Eastern countries and has also targeted European and North American nations. The Iranian-backed...