CVE-2024-41829

In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space Application connection...

GHSA-9G98-5MJ6-F9MV Keycloak vulnerable to user impersonation via stolen UUID code

Keycloak's OpenID Connect user authentication was found to incorrectly authenticate requests. An authenticated attacker who could also obtain a certain piece of info from a user request, from a victim within the same realm, could use that data to impersonate the victim and generate new session...

Samples of SiliVaccine Offer Rare Peek Inside North Korea’s Antivirus Software

Two aged samples of North Korean antivirus software called SiliVaccine crib software code from a competitor and come loaded with malware and a backdoor. The two SiliVaccine samples obtained by researchers at Check Point security offer unique insight into a secretive country and how it likely...

Windows Botnet Spreading Mirai Variant

A Chinese-speaking attacker is spreading a Mirai variant from a repurposed Windows-based botnet. Researchers at Kaspersky Lab published a report today, and said the code was written by an experienced developer who also built in the capability to spread the IoT malware to Linux machines under...

YamaTough Hacker Demanded $50,000 for not releasing Stolen Symantec Source Code

YamaTough Hacker Demanded $50,000 for not releasing Stolen Symantec Source Code According to email transcripts posted to Pastebin yesterday, and confirmed by the company, a group of hackers attempted to extort $50,000 from Symantec in exchange for not releasing its stolen PCAnywhere and Norton...