Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Debian Security Advisory 5635-1

Debian Linux Security Advisory 5635-1 - Aviv Keller discovered that the frames.html file generated by YARD, a documentation generation tool for the Ruby programming language, was vulnerable to cross-site scripting.

Packet Storm
Open in Source
#xss#mac#linux#debian#js#ruby#ssl
Red Hat Security Advisory 2024-1077-03

Red Hat Security Advisory 2024-1077-03 - An update for edk2 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2024-1076-03

Red Hat Security Advisory 2024-1076-03 - An update for edk2 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2024-1075-03

Red Hat Security Advisory 2024-1075-03 - An update for edk2 is now available for Red Hat Enterprise Linux 9. Issues addressed include a buffer overflow vulnerability.

GhostSec’s joint ransomware operation and evolution of their arsenal

Cisco Talos observed a surge in GhostSec, a hacking group’s malicious activities since this past year. GhostSec has evolved with a new GhostLocker 2.0 ransomware, a Golang variant of the GhostLocker ransomware.

No “Apple magic” as 11% of macOS detections last year came from malware

Last year, 11% of all detections on Macs were caused by malware. The illuminating figure gives a view into the world of Mac cyberthreats.

Over 225,000 Compromised ChatGPT Credentials Up for Sale on Dark Web Markets

More than 225,000 logs containing compromised OpenAI ChatGPT credentials were made available for sale on underground markets between January and October 2023, new findings from Group-IB show. These credentials were found within information stealer logs associated with LummaC2, Raccoon, and RedLine stealer malware. “The number of infected devices decreased slightly in mid- and late

New CHAVECLOAK Banking Trojan Targets Brazilians via Malicious PDFs

By Deeba Ahmed The CHAVECLOAK banking Trojan employs PDFs, ZIP downloads, DLL sideloading, and deceptive pop-ups to target Brazil's unsuspecting banking users financial sector.  This is a post from HackRead.com Read the original post: New CHAVECLOAK Banking Trojan Targets Brazilians via Malicious PDFs

GHSA-r4pf-3v7r-hh55: electron-builder's NSIS installer - execute arbitrary code on the target machine (Windows only)

### Impact Windows-Only: The NSIS installer makes a system call to open cmd.exe via NSExec in the `.nsh` installer script. NSExec by default searches the current directory of where the installer is located before searching `PATH`. This means that if an attacker can place a malicious executable file named cmd.exe in the same folder as the installer, the installer will run the malicious file. ### Patches Fixed in https://github.com/electron-userland/electron-builder/pull/8059 ### Workarounds None, it executes at the installer-level before the app is present on the system, so there's no way to check if it exists in a current installer. ### References https://cwe.mitre.org/data/definitions/426.html https://cwe.mitre.org/data/definitions/427