Tag
A previously undocumented Windows-based information stealer called ThirdEye has been discovered in the wild with capabilities to harvest sensitive data from infected hosts. Fortinet FortiGuard Labs, which made the discovery, said it found the malware in an executable that masqueraded as a PDF file with a Russian name "CMK Правила оформления больничных листов.pdf.exe," which translates to "CMK
By Waqas The report also raises concerns about the increasing influence of hyperscale companies like Amazon, Google, Meta, and Microsoft in the global cable network, potentially leading to market monopolies and challenges to digital sovereignty. This is a post from HackRead.com Read the original post: Submarine Cables Face Escalating Cybersecurity Threats, Report
Red Hat Security Advisory 2023-3885-01 - Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.4 on RHEL 9 serves as a replacement for Red Hat Single Sign-On 7.6.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.
By Waqas For now, ThirdEye infostealer has demonstrated behavior that is highly malicious, albeit not-so-sophisticated in its patterns. This is a post from HackRead.com Read the original post: Newly Surfaced ThirdEye Infostealer Targeting Windows Devices
pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if `__parse_content_stream` is executed. That is, for example, the case if the user extracted text from such a PDF. This issue was introduced in pull request #969 and resolved in pull request #1828. Users are advised to upgrade. Users unable to upgrade may modify the line `while peek not in (b"\r", b"\n")` in `pypdf/generic/_data_structures.py` to `while peek not in (b"\r", b"\n", b"")`.
In a move to embarrass the city, hacking group known as SiegedSec accessed thousands of files with administrator logins, but it's making no ransom demands.
Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is itself in another object stream.
Office Suite Premium version 10.9.1.42602 suffers from a local file inclusion vulnerability.
Office Suite Premium version 10.9.1.42602 suffers from a path traversal vulnerability.
Office Suite Premium version 10.9.1.42602 suffers from a cross site scripting vulnerability.