Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

TellYouThePass Ransomware Group Exploits Critical PHP Flaw

An RCE vulnerability that affects the Web scripting language on Windows systems is easy to exploit and can provide a broad attack surface.

DARKReading
Open in Source
#vulnerability#web#mac#windows#linux#cisco#apache#git#java#php#rce#log4j#auth
Carbon Forum 5.9.0 Cross Site Scripting

Carbon Forum version 5.9.0 suffers from a persistent cross site scripting vulnerability.

XMB 1.9.12.06 Cross Site Scripting

XMB version 1.9.12.06 suffers from a persistent cross site scripting vulnerability.

Black Basta Ransomware May Have Exploited MS Windows Zero-Day Flaw

Threat actors linked to the Black Basta ransomware may have exploited a recently disclosed privilege escalation flaw in the Microsoft Windows Error Reporting Service as a zero-day, according to new findings from Symantec. The security flaw in question is CVE-2024-26169 (CVSS score: 7.8), an elevation of privilege bug in the Windows Error Reporting Service that could be exploited to achieve

New Phishing Campaign Deploys WARMCOOKIE Backdoor Targeting Job Seekers

Cybersecurity researchers have disclosed details of an ongoing phishing campaign that leverages recruiting- and job-themed lures to deliver a Windows-based backdoor named WARMCOOKIE. "WARMCOOKIE appears to be an initial backdoor tool used to scout out victim networks and deploy additional payloads," Elastic Security Labs researcher Daniel Stepanic said in a new analysis. "Each sample is compiled

GHSA-vqwr-q6cc-c242: parisneo/lollms Local File Inclusion (LFI) attack

parisneo/lollms version 9.5 is vulnerable to Local File Inclusion (LFI) attacks due to insufficient path sanitization. The `sanitize_path_from_endpoint` function fails to properly sanitize Windows-style paths (backward slash `\`), allowing attackers to perform directory traversal attacks on Windows systems. This vulnerability can be exploited through various routes, including `personalities` and `/del_preset`, to read or delete any file on the Windows filesystem, compromising the system's availability.

Critical MSMQ RCE Bug Opens Microsoft Servers to Complete Takeover

CVE-2024-30080 is the only critical issue in Microsoft's June 2024 Patch Tuesday update, but many others require prompt attention as well.

Patch Tuesday, June 2024 “Recall” Edition

Microsoft today released updates to fix more than 50 security vulnerabilities in Windows and related software, a relatively light Patch Tuesday this month for Windows administrators. The software giant also responded to a torrent of negative feedback on a new feature of Redmond's flagship operating system that constantly takes screenshots of whatever users are doing on their computers, saying the feature would no longer be enabled by default.

Only one critical issue disclosed as part of Microsoft Patch Tuesday

The lone critical security issue is a remote code execution vulnerability due to a use-after-free issue in the HTTP handling function of Microsoft Message Queuing.

WarmCookie Gives Cyberattackers Tasty New Backdoor for Initial Access

The fresh-baked malware is being widely distributed, but still specifically targets individuals with tailored lures. It's poised to evolve into a bigger threat, researchers warn.