Security
Headlines
HeadlinesLatestCVEs

Tag

#web

Mastang Panda Uses Venezuela News to Spread LOTUSLITE Malware

Researchers have found a new spying campaign using news about Venezuela to trick US government officials. Learn how the LOTUSLITE virus sneaks into computers to steal secrets.

HackRead
Open in Source
#web#ios#google#intel#backdoor#auth
CrashFix Chrome Extension Delivers ModeloRAT Using ClickFix-Style Browser Crash Lures

Cybersecurity researchers have disclosed details of an ongoing campaign dubbed KongTuke that used a malicious Google Chrome extension masquerading as an ad blocker to deliberately crash the web browser and trick victims into running arbitrary commands using ClickFix-like lures to deliver a previously undocumented remote access trojan (RAT) dubbed ModeloRAT. This new escalation of ClickFix has

Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations

Cybersecurity researchers have disclosed a cross-site scripting (XSS) vulnerability in the web-based control panel used by operators of the StealC information stealer, allowing them to gather crucial insights on one of the threat actors using the malware in their operations. "By exploiting it, we were able to collect system fingerprints, monitor active sessions, and – in a twist that will

GHSA-vhcx-7rpg-hp39: risesoft-y9 Digital-Infrastructure has a SQL injection vulnerability

A flaw has been found in risesoft-y9 Digital-Infrastructure up to 9.6.7. This affects an unknown function of the file source-code/src/main/java/net/risesoft/util/Y9PlatformUtil.java of the component REST Authenticate Endpoint. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.

US Hackers Reportedly Caused a Blackout in Venezuela

Plus: AI reportedly caused ICE to send agents into the field without training, Palantir’s app for targeting immigrants gets exposed, and more.

GHSA-mpwp-4h2m-765c: Active Job - Object injection security vulnerability

Active Job vulnerability: An Active Job bug allowed String arguments to be deserialized as if they were Global IDs, an object injection security vulnerability.

GHSA-5qw5-wf2q-f538: ActiveRecord-JDBC-Adapter (AR-JDBC) lib/arjdbc/jdbc/adapter.rb sql.gsub() Function SQL Injection

ActiveRecord-JDBC-Adapter (AR-JDBC) contains a flaw that may allow carrying out an SQL injection attack. The issue is due to the sql.gsub() function in lib/arjdbc/jdbc/adapter.rb not properly sanitizing user-supplied input before using it in SQL queries. This may allow a remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

ICE Agent Doxxing Platform was Crippled After Coordinated DDoS Attack

The activist website called "ICE List" was offline after a massive DDoS attack. The crash followed a leak of 4,500 federal agent names linked to the Renee Nicole Good shooting.

GHSA-mmwx-79f6-67jg: Weblate wlc path traversal vulnerability: Unsanitized API slugs in download command

### Impact Multi-translation download could write to an arbitrary location when instructed by a crafted server. ### Patches * https://github.com/WeblateOrg/wlc/pull/1128 ### Workarounds Do not use `wlc download` with untrusted servers. ### References This issue was reported to us by [wh1zee](https://hackerone.com/wh1zee) via HackerOne.

How 2 Missing Characters Nearly Compromised AWS

A supply chain vulnerability in AWS CodeBuild recently put the entire AWS Console at risk. Learn how Wiz Research found the flaw and how Amazon responded to prevent a global security crisis.