Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

DarkGate reloaded via malvertising and SEO poisoning campaigns

Categories: Threat Intelligence Tags: darkgate Tags: autoit Tags: malvertising Tags: seo poisoning The new version of the DarkGate malware is currently actively being distributed via malspam, malicious ads and SEO poisoning. (Read more...) The post DarkGate reloaded via malvertising and SEO poisoning campaigns appeared first on Malwarebytes Labs.

Malwarebytes
Open in Source
#xss#web#windows#google#git#intel#backdoor#auth
Syrian Threat Actor EVLF Unmasked as Creator of CypherRAT and CraxsRAT Android Malware

A Syrian threat actor named EVLF has been outed as the creator of malware families CypherRAT and CraxsRAT. "These RATs are designed to allow an attacker to remotely perform real-time actions and control the victim device's camera, location, and microphone," Cybersecurity firm Cyfirma said in a report published last week. CypherRAT and CraxsRAT are said to be offered to other cybercriminals as

Over a Dozen Malicious npm Packages Target Roblox Game Developers

More than a dozen malicious packages have been discovered on the npm package repository since the start of August 2023 with capabilities to deploy an open-source information stealer called Luna Token Grabber on systems belonging to Roblox developers. The ongoing campaign, first detected on August 1 by ReversingLabs, employs modules that masquerade as the legitimate package noblox.js, an API

CVE-2023-38733: IBM Robotic Process Automation is vulnerable to sensitive information disclosure in installation logs (CVE-2023-38733)

IBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 server could allow an authenticated user to view sensitive information from installation logs. IBM X-Force Id: 262293.

CVE-2023-40370: IBM Robotic Process Automation is vulnerable to information disclosure of script content (CVE-2023-40370)

IBM Robotic Process Automation 21.0.0 through 21.0.7.1 runtime is vulnerable to information disclosure of script content if the remote REST request computer policy is enabled. IBM X-Force ID: 263470.

CVE-2023-38734: IBM Robotic Process Automation is vulnerable to incorrect privilege assignment when importing user from an LDAP directory (CVE-2023-38734).

IBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 is vulnerable to incorrect privilege assignment when importing users from an LDAP directory. IBM X-Force ID: 262481.

CVE-2023-39026: FileMage Gateway LFI

Directory Traversal vulnerability in FileMage Gateway Windows Deployments v.1.10.8 and before allows a remote attacker to obtain sensitive information via a crafted request to the /mgmt/ component.

Luna Grabber Malware Hits Roblox Devs Through npm Packages

By Habiba Rashid The campaign, which began at the start of August 2023, revolves around malicious packages impersonating the legitimate noblox.js,… This is a post from HackRead.com Read the original post: Luna Grabber Malware Hits Roblox Devs Through npm Packages

CVE-2020-21427: FreeImage / Bugs / #298 heap-buffer-overflow in function LoadPixelDataRLE8 of PluginBMP.cpp

Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.

CVE-2023-38732: IBM Robotic Process Automation is vulnerable to exposure of sensitive information in application logs (CVE-2023-38732)

IBM Robotic Process Automation 21.0.0 through 21.0.7 server could allow an authenticated user to view sensitive information from application logs. IBM X-Force ID: 262289.