Last August we documented a malware campaign that was injecting malicious JavaScript code into compromised WordPress sites to redirect site visitors to VexTrio domains. The most interesting thing about that malware was how it used dynamic DNS TXT records of the tracker-cloud[.]com domain to obtain redirect URLs. Typical notification scam destination for the redirects We’ve […]
Researchers released exploit code for actively exploited Palo Alto PAN-OS bug Pierluigi Paganini April 17, 2024 Researchers released an exploit code for the actively exploited vulnerability CVE-2024-3400 in Palo Alto Networks’ PAN-OS. Researchers at watchTowr Labs have released a technical analysis of the vulnerability CVE-2024-3400 in Palo Alto Networks’ PAN-OS and a proof-of-concept exploit that can […]
Fortinet fixed a critical remote code execution bug in FortiClientLinux Pierluigi Paganini April 10, 2024 Fortinet addressed multiple issues in FortiOS and other products, including a critical remote code execution flaw in FortiClientLinux. Fortinet fixed a dozen vulnerabilities in multiple products, including a critical-severity remote code execution (RCE) issue, tracked as CVE-2023-45590 (CVSS score of […]
Oops, your XML now contains shell code The following XML code was found in the layout_update database table and is responsible for periodic reinfections of your system. Attackers combine the Magento layout parser with the beberlei/assert package (installed by default) to execute system commands. Because the layout block is tied to the checkout cart, this […]
The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new analysis has revealed. The audacious supply chain compromise, tracked as CVE-2024-3094 (CVSS score: 10.0), came to light last week when Microsoft engineer and PostgreSQL developer Andres […]
U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Pierluigi Paganini March 03, 2024 A U.S. Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta. Meta won the litigation against the Israeli spyware vendor NSO Group, a U.S. Judge ordered […]
Mar 02, 2024NewsroomSpyware / Privacy A U.S. judge has ordered NSO Group to hand over its source code for Pegasus and other products to Meta as part of the social media giant’s ongoing litigation against the Israeli spyware vendor. The decision, which marks a major legal victory for Meta, which filed the lawsuit in October […]
The new Atomic variant uses Python and Apple Script code to target browser and system files, obtain user account passwords, and identify sandbox or emulator execution. Bitdefender researchers have discovered a new variant of the AMOS Stealer (or Atomic Stealer), one of the most prevalent threats for macOS users in the last year. According to […]
CISA confirmed active exploitation of a critical remote code execution (RCE) bug in Fortinet’s FortiOS, urging immediate security updates or SSL VPN disabling to mitigate the risk.