
Tag

#git

Konni RAT Exploiting Word Docs to Steal Data from Windows

By Deeba Ahmed

Konni RAT is back! This is a post from HackRead.com.

HackRead

New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks

A new variant of the Agent Tesla malware has been observed delivered via a lure file with the ZPAQ compression format to harvest data from several email clients and nearly 40 web browsers. "ZPAQ is a file compression format that offers a better compression ratio and journaling function compared to widely used formats like ZIP and RAR," G Data malware analyst Anna Lvova said in a Monday analysis.

How Multi-Stage Phishing Attacks Exploit QRs, CAPTCHAs, and Steganography

Phishing attacks are steadily becoming more sophisticated, with cybercriminals investing in new ways of deceiving victims into revealing sensitive information or installing malicious software. One of the latest trends in phishing is the use of QR codes, CAPTCHAs, and steganography. See how they are carried out and learn to detect them. Quishing Quishing, a phishing technique resulting from the

Malicious Apps Disguised as Banks and Government Agencies Targeting Indian Android Users

Android smartphone users in India are the target of a new malware campaign that employs social engineering lures to install fraudulent apps that are capable of harvesting sensitive data. “Using social media platforms like WhatsApp and Telegram, attackers are sending messages designed to lure users into installing a malicious app on their mobile device by impersonating legitimate organizations,

CVE-2023-46935: There is stored XSS in version 1.6.4 which can lead to stealing sensitive information of logged-in users · Issue #55 · weng-xianhu/eyoucms

eyoucms v1.6.4 is vulnerable to Cross Site Scripting (XSS), which can lead to stealing sensitive information of logged-in users.

Mustang Panda Hackers Targets Philippines Government Amid South China Sea Tensions

The China-linked Mustang Panda actor has been linked to a cyber attack targeting a Philippines government entity amid rising tensions between the two countries over the disputed South China Sea. Palo Alto Networks Unit 42 attributed the adversarial collective to three campaigns in August 2023, primarily singling out organizations in the South Pacific. "The campaigns leveraged legitimate software

GHSA-m2mj-pr4f-h9jp: TorchServe ZipSlip

### Impact

Using the model/workflow management API, there is a chance of uploading potentially harmful archives that contain files that are extracted to any location on the filesystem that is within the process permissions. Leveraging this issue could aid third-party actors in hiding harmful code in open-source/public models, which can be downloaded from the internet, and take advantage of machines running Torchserve.

### Patches

The ZipSlip issue in TorchServe has been fixed by validating the paths of files contained within a zip archive before extracting them: https://github.com/pytorch/serve/pull/2634

TorchServe release 0.9.0 includes fixes to address the ZipSlip vulnerability: https://github.com/pytorch/serve/releases/tag/v0.9.0

### References

https://github.com/pytorch/serve/pull/2634

https://github.com/pytorch/serve/releases/tag/v0.9.0

### Credit

We would like to thank Oligo Security for responsibly disclosing this issue. If you have any questions or comments about this advi...

CVE-2023-48051: Cryptographic API Misuse Vulnerability: Do not use insecure algorithm(textbook or padding PKCS 1v1.5) for RSA · Issue #38 · Carglglz/upydev

An issue in /upydev/keygen.py in upydev v0.4.3 allows attackers to decrypt sensitive information via weak encryption padding.

CVE-2023-47311: More XSS and Clickjacking in Yamcs v5.8.6

An issue in Yamcs 5.8.6 allows attackers to send arbitrary telecommands in a Command Stack via Clickjacking.

GHSA-6h67-934r-82g7: Bypass of field access control in strapi-plugin-protected-populate

### Impact

Users are able to bypass the field level security. This means fields that they were not allowed to populate could be populated anyway, even in the event that they tried to populate something that they don't have access to.

### Patches

This issue has been patched in 1.3.4

### Workarounds

None