Tag
#apple
This Metasploit module attempts to bruteforce authentication credentials for AFP.
A recently patched security flaw in Google Chrome and other Chromium web browsers was exploited as a zero-day by North Korean actors in a campaign designed to deliver the FudModule rootkit. The development is indicative of the persistent efforts made by the nation-state adversary, which had made a habit of incorporating rafts of Windows zero-day exploits into its arsenal in recent months.
Plus: China-linked hackers infiltrate US internet providers, authorities crack down on a major piracy operation, and a ransomware gang claims attacks during the Paris Olympics.
SPIP version 4.2.6 suffers from a code execution vulnerability.
Cybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged now-patched flaws in Apple Safari and Google Chrome browsers to infect mobile users with information-stealing malware. "These campaigns delivered n-day exploits for which patches were available, but would still be effective against unpatched devices," Google Threat Analysis Group (TAG) researcher Clement
Suspected Russian hackers have compromised a series of websites to utilize sophisticated spyware exploits that are eerily similar to those created by NSO Group and Intellexa.
Online Graduate Tracer System version 1.0.0 suffers from an insecure direct object reference vulnerability.
SPIP version 4.2.5 suffers from a code execution vulnerability.
Online Appointment System version 1.0 suffers from an ignored default credential vulnerability.
Multi-Vendor Online Groceries Management System version 1.0 suffers from an ignored default credential vulnerability.