Security
Headlines
HeadlinesLatestCVEs

Latest News

GitVenom Malware Steals $456K in Bitcoin Using Fake GitHub Projects to Hijack Wallets

Cybersecurity researchers are calling attention to an ongoing campaign that's targeting gamers and cryptocurrency investors under the guise of open-source projects hosted on GitHub. The campaign, which spans hundreds of repositories, has been dubbed GitVenom by Kaspersky. "The infected projects include an automation instrument for interacting with Instagram accounts, a Telegram bot that enables

The Hacker News
Open in Source
#git#The Hacker News
FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services

Various industrial organizations in the Asia-Pacific (APAC) region have been targeted as part of phishing attacks designed to deliver a known malware called FatalRAT. "The threat was orchestrated by attackers using legitimate Chinese cloud content delivery network (CDN) myqcloud and the Youdao Cloud Notes service as part of their attack infrastructure," Kaspersky ICS CERT said in a Monday

Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws impacting Adobe ColdFusion and Oracle Agile Product Lifecycle Management (PLM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities in question are listed below - CVE-2017-3066 (CVSS score: 9.8) - A deserialization vulnerability impacting

GHSA-c6gw-w398-hv78: DoS in go-jose Parsing

### Impact When parsing compact JWS or JWE input, go-jose could use excessive memory. The code used strings.Split(token, ".") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of '.' characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. ### Patches Version 4.0.5 fixes this issue ### Workarounds Applications could pre-validate payloads passed to go-jose do not contain an excessive number of '.' characters. ### References This is the same sort of issue as in the golang.org/x/oauth2/jws package as CVE-2025-22868 and Go issue https://go.dev/issue/71490.

GHSA-pxg4-xjp7-w9c5: Moodle's feedback response viewing and deletions did not respect Separate Groups mode

Separate Groups mode restrictions were not factored into permission checks before allowing viewing or deletion of responses in Feedback activities.

GHSA-4hmr-39vp-xfrr: Moodle has an arbitrary file read risk through pdfTeX

Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available (such as those with TeX Live installed).

GHSA-g88w-v4cq-qgcp: Moodle has an IDOR in badges allows disabling of arbitrary badges

Insufficient capability checks made it possible to disable badges a user does not have permission to access.

GHSA-5r85-6h7f-rg3r: Moodle's non-searchable tags can still be discovered on the tag search page and in the tags block

Tags not expected to be visible to a user could still be discovered by them via the tag search page or in the tags block.

GHSA-cw24-f6fq-7j9v: Moodle allows teachers to evade trusttext config when restoring glossary entries

Additional checks were required to ensure trusttext is applied (when enabled) to glossary entries being restored.

GHSA-h697-w4ph-7pcx: Moodle has a stored XSS in ddimageortext question type

The drag-and-drop onto image (ddimageortext) question type required additional sanitizing to prevent a stored XSS risk.