19 matches found
React2Shell: Technical Deep-Dive & In-the-Wild Exploitation of CVE-2025-55182
We break down the exploit mechanics and detail active in-the-wild attacks observed by our team, from credential harvesting to sophisticated cloud backdoors...
Google Chrome Hit by Second Zero-Day Attack - Urgent Patch Update Released
Google on Tuesday rolled out emergency fixes to address another actively exploited high-severity zero-day flaw in its Chrome web browser. The flaw, tracked as CVE-2023-2136, is described as a case of integer overflow in Skia, an open source 2D graphics library. Clément Lecigne of Google's Threat...
CVE-2022-26485
Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, Thunderbird 91.6.2, and Focus 97.3.0. Recent...
CISA Warns of Hackers Exploiting Recent Zoho ManageEngine Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a recently disclosed security flaw in Zoho ManageEngine to its Known Exploited Vulnerabilities KEV Catalog, citing evidence of active exploitation. "Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager...
CISA Adds 10 New Known Actively Exploited Vulnerabilities to its Catalog
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added 10 new actively exploited vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, including a high-severity security flaw affecting industrial automation software from Delta Electronics. The issue, tracked ...
GitLab Issues Patch for Critical Flaw in its Community and Enterprise Software
DevOps platform GitLab this week issued patches to address a critical security flaw in its software that could lead to arbitrary code execution on affected systems. Tracked as CVE-2022-2884, the issue is rated 9.9 on the CVSS vulnerability scoring system and impacts all versions of GitLab Communi...
Apple's New Feature Will Install Security Updates Automatically Without Full OS Update
Apple has introduced a Rapid Security Response feature in iOS 16 and macOS Ventura that's designed to deploy security fixes without the need for a full operating system version update. "macOS security gets even stronger with new tools that make the Mac more resistant to attack, including Rapid...
Apple Releases iOS, iPadOS, macOS Updates to Patch Actively Exploited Zero-Day Flaw
Apple on Thursday released security updates for iOS, iPadOS, macOS, and Safari to address a new WebKit flaw that it said may have been actively exploited in the wild, making it the company's third zero-day patch since the start of the year. Tracked as CVE-2022-22620, the issue concerns a...
Zoom Addresses Vanity URL Zero-Day
A previously undisclosed bug in Zoom’s customizable URL feature has been addressed that could have offered a hacker a perfect social-engineering avenue for stealing credentials or sensitive information. Disclosed by Zoom and Check Point on Thursday, the security flaw existed in the “Vanity URL”...
Hackers Exploit Critical Flaw in Ghost Platform with Cryptojacking Attack
Hackers targeted the publishing platform Ghost over the weekend, launching a cryptojacking attack against its servers that led to widespread outages. The attack stemmed from the exploit of critical vulnerabilities in SaltStack, used in Ghost’s server management infrastructure. Ghost is a free,...
Microsoft Zero-Day Actively Exploited, Patch Forthcoming
An unpatched remote code-execution vulnerability in Internet Explorer is being actively exploited in the wild, Microsoft has announced. It’s working on a patch. In the meantime, workarounds are available. The bug CVE-2020-0674 which is listed as critical in severity for IE 11, and moderate for IE...
Mozilla: Type confusion in Array.pop
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR 60.7.1, Firefox 67.0.3, and Thunderbird 60.7.2...
Apache Struts Vulnerability (CVE-2017-5638) Exploit Traffic
UPDATE - March 10th, 2017: Rapid7 added a check that works in conjunction with Nexposes web spider functionality. This check will be performed against any URIs discovered with the suffix ".action" the default configuration for Apache Struts apps. To learn more about using this check, read this...
Patch Tuesday Returns; Microsoft Quiet on Postponement
Patch Tuesday returned today as expected after last month’s postponement with a giant release of fixes that includes patches for vulnerabilities disclosed and exploited since the last set of updates in January. Microsoft, however, was relatively silent on the reasons why the February updates were...
Another Java zero-day vulnerability being exploited in the wild
Do you still have Java installed? There is a bad news for you ! FireEye has detected yet another Java zero-day vulnerability being exploited in attacks in the wild. The vulnerability targets browsers that have the latest version of the Java plugin installed Java v1.6 Update 41 and Java v1.7 Updat...
Adobe Warns of Flash Player Zero-Day Attack
The zero-day hacker attacks against Adobe’s software products are coming fast and furious. Less than a week after the discovery of a sophisticated malware attack against an unpatched security hole in Adobe Reader/Acrobat, the company has issued a new warning for in-the-wild attacks against a...
MS Patch Tuesday: Googler Zero-Day Fixed in 33 Days
Last month, when Google researcher Tavis Ormandy released details on a critical Help and Support Center vulnerability that exposed Windows XP and Windows Server 2003 users to malicious hacker attacks, Microsoft was publicly unhappy with the decision. Ormandy claims he spent five days negotiating...
Attackers Pounce on Microsoft FTP in IIS Vulnerability
Less than a week after the publication of exploit code for a gaping hole in the FTP Service in Microsoft Internet Information Services IIS, attackers are launching what is described as “limited attacks” against Windows users. Microsoft has updated its security advisory to warn of the new attacks...
The Ryan & Roel Show Episode 4
In-the-wild worm attacks exploitation – Fri, November 7 2008 In this special episode, Ryan and Roel get to the bottom of the new in-the-wild worm attacks exploiting the Microsoft MS08-067 vulnerability. Listen as Roel provides a blow-by-blow of the two different Trojans now targeting...