Security
Headlines
HeadlinesLatestCVEs

Latest News

Chameleon Android Banking Trojan Targets Users Through Fake CRM App

Cybersecurity researchers have lifted the lid on a new technique adopted by threat actors behind the Chameleon Android banking trojan targeting users in Canada by masquerading as a Customer Relationship Management (CRM) app. "Chameleon was seen masquerading as a CRM app, targeting a Canadian restaurant chain operating internationally," Dutch security outfit ThreatFabric said in a technical

The Hacker News
Open in Source
#web#android#mac#google#ibm#chrome#The Hacker News
Apple’s New macOS Sequoia Tightens Gatekeeper Controls to Block Unauthorized Software

Apple on Tuesday announced an update to its next-generation macOS version that makes it a little more difficult for users to override Gatekeeper protections. Gatekeeper is a crucial line of defense built into macOS designed to ensure that only trusted apps run on the operating system. When an app is downloaded from outside of the App Store and opened for the first time, it verifies that the

BlankBot Trojan Targets Turkish Android Users

While still under development, the malware contains Turkish-language filenames, can record the screen and keystrokes, and inject custom overlays to steal passwords and sensitive data.

GHSA-p3pf-mff8-3h47: Gorush uses deprecated TLS versions

An issue discovered in the RunHTTPServer function in Gorush v1.18.4 allows attackers to intercept and manipulate data due to use of deprecated TLS version.

Attackers Use Multiple Techniques to Bypass Reputation-Based Security

Protections like Windows Smart App Control are useful but susceptible to attacks that allow threat actors initial access to an environment without triggering any alerts.

Cyberattack Strikes the Grand Palais RMN; Impact Appears Limited

Everyone expected some kind of cyberattack during the Olympics. If this is the best they've got, the bad guys don't deserve a spot on the podium.

GHSA-2rwj-7xq8-4gx4: Qwik has a potential mXSS vulnerability due to improper HTML escaping

### Summary A potential mXSS vulnerability exists in Qwik for versions up to 1.6.0. ### Details Qwik improperly escapes HTML on server-side rendering. It converts strings according to the following rules: https://github.com/QwikDev/qwik/blob/v1.5.5/packages/qwik/src/core/render/ssr/render-ssr.ts#L1182-L1208 - If the string is an attribute value: - `"` -> `&quot;` - `&` -> `&amp;` - Other characters -> No conversion - Otherwise: - `<` -> `&lt;` - `>` -> `&gt;` - `&` -> `&amp;` - Other characters -> No conversion It sometimes causes the situation that the final DOM tree rendered on browsers is different from what Qwik expects on server-side rendering. This may be leveraged to perform XSS attacks, and a type of the XSS is known as mXSS (mutation XSS). ## PoC A vulnerable component: ```javascript import { component$ } from "@builder.io/qwik"; import { useLocation } from "@builder.io/qwik-city"; export default component$(() => { // user input cons...

A New Plan to Break the Cycle of Destructive Critical Infrastructure Hacks

As digital threats against US water, food, health care, and other vital sectors loom large, a new project called UnDisruptable27 aims to help fix cybersecurity weaknesses where other efforts have failed.

Russia's Priorities in Prisoner Swap Suggest Cyber Focus

At least two Russian nationals serving prison sentences for cybercrime offenses, Vladislav Klyushin and Roman Seleznev, were released as part of the landmark prisoner swap.

Hunters International Disguises SharpRhino RAT as Legitimate Network Admin Tool

The RaaS group that distributes Hive ransomware delivers new malware impersonating as validly signed network-administration software to gain initial access and persistence on targeted networks