A flaw in argument injection made RCE risky SonarSource researchers discovered a vulnerability in one of Composer’s key parts that might have been exploited to attack code repositories. The primary package manager for PHP applications. Composers can find and download…
Malware
New LilithBot malware is being offered as a service to cybercriminals by Eternity Group hackers.
Latest posts
CISA Warns of Critical Atlassian Bitbucket Server Vulnerability Being Exploited by Hackers
On Friday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), citing indications of ongoing exploitation, added a previously disclosed significant vulnerability affecting Atlassian’s Bitbucket Server and Data Center to the Known Exploited Vulnerabilities (KEV) database. The problem, which has been…
Optus discloses the scope of the data breach but refuses to say how it occurred.
The 9.8 million subscribers affected by the data breach have 1.2 million valid forms of identity. According to the Singtel-owned Australian operator, who also said that Deloitte has been hired to look into the hack’s causes. According to Optus, 1.2…
The Spring Cloud-enabled Nepxion Discovery software does not fix RCE and information leak issues.
Chinese project maintainer appears to have closed the public issue without offering a patch. Nepxion Discovery Software, an open-source project that offers functionality for the Spring Cloud framework, contains an unpatched remote code execution (RCE) vulnerability. On September 9, information…
There are two fresh zero-days for Exchange Server
As it looks at (yep, more) reported vulnerabilities in Microsoft Exchange Server that affect the software’s 2013, 2016, and 2019 editions, Microsoft has released some consumer guidance. According to the business, “few targeted assaults employing the two vulnerabilities to access…
Findings of New Malware Families Aimed at VMware ESXi Hypervisors
VMware’s virtualization software has been revealed to be used by threat actors to implant never-before-seen post-compromise implants. The implants allow them to take control of compromised systems while avoiding detection. It affects VMware ESXi, Linux vCenter servers, and Windows virtual…
SolarMarker Attack Uses Vulnerable WordPress Sites and False Chrome Updates
As part of a novel strategy in its watering-hole attacks, the SolarMarker attack organization is encouraging victims to download phoney Chrome browser updates by attacking a WordPress-powered website. Researchers have identified the hacking group utilizing SolarMarker attack malware, which uses…
A new 0-day RCE vulnerability on Microsoft Exchange Server was used in a new attack campaign.
While providing security monitoring and incident response services around the beginning of August 2022, the GTSC SOC team learned that a vital infrastructure was under assault, specifically their Microsoft Exchange application. The research revealed that the attack used a 0-day…
Data from 16 million Swachhata Platform users are exposed due to a breach.
User names, emails, passwords, mobile numbers, OTP-related information, and login IPs. And hacked unique user tokens are among the Swachhata City data. On Friday, September 23, a threat actor going by the handle LeakBase posted a 6GB data dump containing…
Hackers from Brazil’s Prilex Group Resurface with Advanced Point-of-Sale Malware
After a year-long operational sabbatical, the Brazilian threat actor Prilex has returned with sophisticated and intricate Point-of-Sale Malware to steal money through fraudulent transactions. According to Kaspersky researchers, “The Prilex gang has demonstrated a high level of expertise about credit…