Void Rabisu Targets Female Political Leaders with New Slimmed-Down ROMCOM Variant

Almost a year after Void Rabisu shifted its targeting from opportunistic ransomware attacks with an emphasis on cyberespionage, the threat actor is still developing its main malware, the ROMCOM backdoor...

RomCom RAT Targets Pro-Ukraine Guests at Upcoming NATO Summit

By Deeba Ahmed The RomCom RAT is also tracked as Tropical Scorpius, Void Rabisu, and UNC2596. This is a post from HackRead.com Read the original post: RomCom RAT Targets Pro-Ukraine Guests at Upcoming NATO Summit...

RomCom RAT Using Deceptive Web of Rogue Software Sites for Covert Attacks

The threat actors behind RomCom RAT are leveraging a network of fake websites advertising rogue versions of popular software at least since July 2022 to infiltrate targets. Cybersecurity firm Trend Micro is tracking the activity cluster under the name Void Rabisu, which is also known as Tropical...

RomCom RAT Using Deceptive Web of Rogue Software Sites for Covert Attacks

The threat actors behind RomCom RAT are leveraging a network of fake websites advertising rogue versions of popular software at least since July 2022 to infiltrate targets. Cybersecurity firm Trend Micro is tracking the activity cluster under the name Void Rabisu, which is also known as Tropical...

Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals

Void Rabisu, a malicious actor believed to be associated with the RomCom backdoor, was thought to be driven by financial gain because of its ransomware attacks. But in this blog entry, we discuss how the use of the RomCom backdoor in recent attacks shows how Void Rabisu's motives seem to have...

SUSE CVE-2023-29942

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isamlir::LLVM::LLVMVoidType...

AZL-26694 CVE-2023-29942 affecting package rust for versions less than 1.72.0-1

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isamlir::LLVM::LLVMVoidType...

CVE-2023-27704

Void Tools Everything lower than v1.4.1.1022 was discovered to contain a Regular Expression Denial of Service ReDoS...

CVE-2023-27704

Void Tools Everything lower than v1.4.1.1022 was discovered to contain a Regular Expression Denial of Service ReDoS...

Design/Logic Flaw

Void Tools Everything lower than v1.4.1.1022 was discovered to contain a Regular Expression Denial of Service ReDoS...

CVE-2023-27704

Void Tools Everything lower than v1.4.1.1022 was discovered to contain a Regular Expression Denial of Service ReDoS...

Void Tools 安全漏洞

Void Tools is a desktop search engine from Void Tools, Inc. A security vulnerability exists in versions prior to Void Tools v1.4.1.1022. An attacker could exploit this vulnerability to perform a regular expression denial of service attack...

CVE-2023-27704

Void Tools Everything (pre-1.4.1.1022) is affected by CVE-2023-27704 via a Regular Expression Denial of Service (ReDoS). Root cause relates to regex processing; exploitation could impact availability (per CVSS base metrics). Affected versions: prior to 1.4.1.1022; remediation is to update to 1.4....

CVE-2023-27704

Void Tools Everything lower than v1.4.1.1022 was discovered to contain a Regular Expression Denial of Service ReDoS...

PT-2023-21300

Name of the Vulnerable Software and Affected Versions Void Tools Everything versions prior to 1.4.1.1022 Description The issue is related to a Regular Expression Denial of Service ReDoS. No information is provided about the estimated number of potentially affected devices worldwide or real-world...

CVE-2022-46743

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...

CVE-2022-47166

Cross-Site Request Forgery CSRF vulnerability in voidCoders Void Contact Form 7 Widget For Elementor Page Builder plugin = 2.1.1 versions...

WordPress plugin Void Contact Form 7 Widget For Elementor Page Builder 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

SUSE CVE-2017-7957

XStream through 1.4.9, when a certain denyTypes workaround is not used, mishandles attempts to create an instance of the primitive type 'void' during unmarshalling, leading to a remote application crash, as demonstrated by an xstream.fromXML"" call...

Void Balaur Hackers-for-Hire Targeting Russian Businesses and Politics Entities

A hack-for-hire group that was first exposed in 2019 has expanded its focus to set its sights on entities with business or political ties to Russia. Dubbed Void Balaur, the cyber mercenary collective has a history of launching cyberattacks against biotechnology and telecom companies since 2015. A...