Security
Headlines
HeadlinesLatestCVEs

Tag

#web

OAuth+XSS Attack Threatens Millions of Web Users With Account Takeover

An attack flow that combines API flaws within "log in with" implementations and Web injection bugs could affect millions of websites.

DARKReading
Open in Source
#xss#vulnerability#web#ios#google#microsoft#cisco#git#java#oauth#auth
7 Sessions Not to Miss at Black Hat USA 2024

This year's conference will be a treasure trove of insights for cybersecurity professionals.

How Infostealers Pillaged the World’s Passwords

Infostealer malware is swiping millions of passwords, cookies, and search histories. It’s a gold mine for hackers—and a disaster for anyone who becomes a target.

'Stargazer Goblin' Creates 3,000 Fake GitHub Accounts for Malware Spread

A threat actor known as Stargazer Goblin has set up a network of inauthentic GitHub accounts to fuel a Distribution-as-a-Service (DaaS) that propagates a variety of information-stealing malware and netting them $100,000 in illicit profits over the past year. The network, which comprises over 3,000 accounts on the cloud-based code hosting platform, spans thousands of repositories that are used to

Gh0st RAT Trojan Targets Chinese Windows Users via Fake Chrome Site

The remote access trojan known as Gh0st RAT has been observed being delivered by an "evasive dropper" called Gh0stGambit as part of a drive-by download scheme targeting Chinese-speaking Windows users. These infections stem from a fake website ("chrome-web[.]com") serving malicious installer packages masquerading as Google's Chrome browser, indicating that users searching for the software on the

China-Backed Phishing Attack Targets India Postal System Users

A large text-message phishing attack campaign attributed to the China-based Smishing Triad employs malicious iMessages.

Stop X’s Grok AI From Training on Your Tweets

Plus: More Pegasus spyware controversy, a major BIOS controversy, and more of the week’s top security news.

GHSA-296q-rj83-g9rq: Reflected Cross Site-Scripting (XSS) in Oveleon Cookiebar

## usd-2024-0009 | Reflected XSS in Oveleon Cookiebar ### Details **Advisory ID**: usd-2024-0009 **Product**: Cookiebar **Affected Version**: 2.X **Vulnerability Type**: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') **Security Risk**: HIGH, CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N **Vendor URL**: https://www.usd.de/ **CVE Number**: Not requested yet **CVE Link**: Not requested yet ### Affected Component The `block` function in `CookiebarController.php`. ### Desciption Oveleon's Cookiebar is an extension for the popular Contao CMS. The `block/locale` endpoint does not properly sanitize the user-controlled `locale` input before including it in the backend's HTTP response, thereby causing reflected XSS. ### Fix Sanitize the `locale` input to prevent XSS payloads from being executed in a user's browser. ### Timeline * **2024-04-24**: Vulnerability discovered by Daniel Ruppel of usd AG. * *...

Distributing Security Responsibilities (Responsibly)

Outlining the wider organization's proactive role in fortifying the security program allows the security team to focus on the most pressing issues that only they can solve.

This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps

A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service (MaaS) offerings to the next level. Singaporean cybersecurity company Group-IB, which has been tracking the e-crime actor since January 2023, described the crimeware solution as a "sophisticated AI-powered phishing-as-a-service platform"