Security
Headlines
HeadlinesLatestCVEs

Tag

#web

Andrew Tate’s ‘Educational Platform’ Was Hacked

Plus: The worst telecom hack in US history rolls on, iPhones are harder to break into, and more of the week’s top security news.

Wired
Open in Source
#web#ios#android#git#intel#auth#wifi
Faux ChatGPT, Claude API Packages Deliver JarkaStealer

Attackers are betting that the hype around generative AI (GenAI) is attracting less technical, less cautious developers who might be more inclined to download an open source Python code package for free access, without vetting it or thinking twice.

GHSA-8w49-h785-mj3c: Tornado has an HTTP cookie parsing DoS vulnerability

The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in the event loop thread and may block the processing of other requests. See also CVE-2024-7592 for a similar vulnerability in cpython.

Yakuza Victim Data Leaked in Japanese Agency Attack

A local government resource for helping Japanese citizens cut ties with organized crime was successfully phished in a tech support scam, and could have dangerous consequences.

Operation Lunar Peek: More Than 2,000 Palo Alto Network Firewalls Hacked

The Shadowserver Foundation reports over 2,000 Palo Alto Networks firewalls have been hacked via two zero-day vulnerabilities: CVE-2024-0012…

Meta takes down more than 2 million accounts in fight against pig butchering

Meta provided some insight into their fight against pig butchering scammers, who are often victims of organized crime themselves

China-Linked TAG-112 Targets Tibetan Media with Cobalt Strike Espionage Campaign

A China-linked nation-state group called TAG-112 compromised Tibetan media and university websites in a new cyber espionage campaign designed to facilitate the delivery of the Cobalt Strike post-exploitation toolkit for follow-on information collection. "The attackers embedded malicious JavaScript in these sites, which spoofed a TLS certificate error to trick visitors into downloading a

CUPS IPP Attributes LAN Remote Code Execution

This Metasploit module exploits vulnerabilities in OpenPrinting CUPS, which is running by default on most Linux distributions. The vulnerabilities allow an attacker on the LAN to advertise a malicious printer that triggers remote code execution when a victim sends a print job to the malicious printer. Successful exploitation requires user interaction, but no CUPS services need to be reachable via accessible ports. Code execution occurs in the context of the lp user. Affected versions are cups-browsed less than or equal to 2.0.1, libcupsfilters versions 2.1b1 and below, libppd versions 2.1b1 and below, and cups-filters versions 2.0.1 and below.

ProjectSend R1605 Unauthenticated Remote Code Execution

This Metasploit module exploits an improper authorization vulnerability in ProjectSend versions r1295 through r1605. The vulnerability allows an unauthenticated attacker to obtain remote code execution by enabling user registration, disabling the whitelist of allowed file extensions, and uploading a malicious PHP file to the server.

Korenix JetPort 5601 1.2 Path Traversal

Korenix JetPort 5601 version 1.2 suffers from a path traversal vulnerability.