Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

Newly identified wiper malware “PathWiper” targets critical infrastructure in Ukraine

Cisco Talos observed a destructive attack on a critical infrastructure entity within Ukraine, using a previously unknown wiper we are calling “PathWiper.”

TALOS
#web#windows#cisco#git#auth
GHSA-33p9-3p43-82vq: Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

## Impact On Windows, the shared `%PROGRAMDATA%` directory is searched for configuration files (`SYSTEM_CONFIG_PATH` and `SYSTEM_JUPYTER_PATH`), which may allow users to create configuration files affecting other users. Only shared Windows systems with multiple users and unprotected `%PROGRAMDATA%` are affected. ## Mitigations - upgrade to `jupyter_core>=5.8.1` (5.8.0 is patched but breaks `jupyter-server`) , or - as administrator, modify the permissions on the `%PROGRAMDATA%` directory so it is not writable by unauthorized users, or - as administrator, create the `%PROGRAMDATA%\jupyter` directory with appropriately restrictive permissions, or - as user or administrator, set the `%PROGRAMDATA%` environment variable to a directory with appropriately restrictive permissions (e.g. controlled by administrators _or_ the current user) ## Credit Reported via Trend Micro Zero Day Initiative as ZDI-CAN-25932

Google fixes another actively exploited vulnerability in Chrome, so update now!

Google has released an important update for Chrome, patching one actively exploited zero-day and two other security flaws

Chaos RAT Malware Targets Windows and Linux via Fake Network Tool Downloads

Threat hunters are calling attention to a new variant of a remote access trojan (RAT) called Chaos RAT that has been used in recent attacks targeting Windows and Linux systems. According to findings from Acronis, the malware artifact may have been distributed by tricking victims into downloading a network troubleshooting utility for Linux environments. "Chaos RAT is an open-source RAT written in

Victims risk AsyncRAT infection after being redirected to fake Booking.com sites

We found that cybercriminals are preparing for the impending holiday season with a redirect campaign leading to AsyncRAT.

Maximize Your Minecraft: Optimal PC Setup and Server Hosting Essentials

Among all ages, Minecraft still rules the gaming scene as a preferred choice. The game provides a broad…

Backdoors in Python and NPM Packages Target Windows and Linux

Checkmarx uncovers cross-ecosystem attack: fake Python and NPM packages plant backdoor on Windows and Linux, enabling data theft plus remote control.

Interlock Ransomware Deploys New NodeSnake RAT in UK Attacks

Quorum Cyber identifies two new NodeSnake RAT variants, strongly attributed to Interlock ransomware, impacting UK higher education and local government.

GHSA-f238-rggp-82m3: Navidrome Transcoding Permission Bypass Vulnerability Report

### Summary A permission verification flaw in Navidrome allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including creating, modifying, and deleting transcoding settings. ### Details Navidrome supports transcoding functionality which, although disabled by default, should restrict configuration operations to administrators only. However, the application fails to properly validate whether a user has administrative privileges when handling transcoding configuration requests. The vulnerability exists in the API endpoints that manage transcoding settings. When a regular user sends requests to these endpoints, the application processes them without verifying if the user has administrative privileges, despite the JWT token clearly indicating the user is not an administrator (`"adm":false`). The affected endpoints include: - `POST /api/transcoding` (Create transcoding configuration) - `PUT /api/transcod...