Aggregator

A vulnerability classified as critical was found in Linux Kernel up to 5.15.173/6.1.119/6.6.65/6.12.4. Affected by this vulnerability is the function xsk_map_delete_elem. The manipulation leads to out-of-bounds write. This vulnerability is known as CVE-2024-56614. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.4. This affects the function ieee802154_create. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2024-56602. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.10.230/5.15.173/6.1.119/6.6.65/6.12.3. Affected by this issue is the function of_dma_configure. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-56568. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.67/6.12.6. It has been classified as critical. Affected is the function tun_napi_alloc_frags of the file net/core/skbuff.c. The manipulation leads to denial of service. This vulnerability is traded as CVE-2024-56372. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.4. It has been rated as critical. Affected by this issue is some unknown functionality of the component hisi_sas. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-56588. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.175/6.1.121/6.6.67/6.12.6. It has been rated as problematic. Affected by this issue is the function complete_hypercall_exit in the library arch/x86/kvm/x86.h of the component Hypercall Page Handler. The manipulation leads to state issue. This vulnerability is handled as CVE-2024-55881. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.6.66/6.12.5. Affected by this vulnerability is the function of_node_put of the component rswitch. The manipulation leads to use after free. This vulnerability is known as CVE-2024-55639. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.6.69/6.12.6. This affects the function ceph_mdsc_build_path. The manipulation leads to infinite loop. This vulnerability is uniquely identified as CVE-2024-53685. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.10/6.12.1. It has been classified as problematic. This affects the function xsk_build_skb. The manipulation leads to excessive iteration. This vulnerability is uniquely identified as CVE-2024-53236. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

SmartApeSG, a FakeUpdate cyber threat, has emerged as a significant vector for delivering NetSupport RAT, a maliciously exploited remote administration tool. The campaign ensnares victims by tricking them into downloading fake browser updates, ultimately enabling attackers to gain unauthorized access to infected systems. A Web of Connections Recent investigations examined SmartApeSG’s command-and-control (C2) infrastructure, revealing […]

The post Beware of SmartApeSG Campaigns that Deliver NetSupport RAT appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new strain of Fully Undetectable (FUD) macOS malware, dubbed “Tiny FUD,” has emerged, showcasing sophisticated evasion techniques capable of bypassing antivirus and macOS security frameworks, including Gatekeeper and System Integrity Protection (SIP). The malware employs advanced methods, such as process name manipulation, DYLD injection, and command-and-control (C2) communication, making it a significant threat to […]

The post New FUD Malware Targets MacOS, Evading Antivirus and Security Tools appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability classified as critical was found in Yuba U5cms up to 3.9.2. Affected by this vulnerability is an unknown functionality of the file copy2.php of the component admin/. The manipulation of the argument newname leads to sql injection. This vulnerability is known as CVE-2015-1576. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple tvOS up to 12.1.1 and classified as critical. Affected by this issue is some unknown functionality of the component libxpc. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2019-6218. An attack has to be approached locally. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A recent report by Proofpoint has revealed an alarming trend of cybercriminals exploiting HTTP client tools to target Microsoft 365 accounts. These tools, originally designed for legitimate use, are now being repurposed for large-scale account takeover (ATO) attacks, employing tactics such as brute force login attempts and Adversary-in-the-Middle (AiTM) techniques. With a growing reliance on […]

The post Cybercriminals Exploiting HTTP Client Tools to Hijack Microsoft 365 Accounts appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

这是反编译研究不平凡的一年！

Malicious employees and insider threats pose one of the biggest security risks to organizations, as these users have more access and permissions than cybercriminals attacking the organization externally. 

The post How to Root Out Malicious Employees appeared first on Security Boulevard.

Researchers from the Positive Technologies Expert Security Center (PT ESC) have identified and prevented a malicious campaign targeting users of the Python Package Index (PyPI). The attack involved two fake packages named deepseeek and deepseekai, which were designed to steal sensitive user and system data. These packages were masquerading as legitimate clients for the DeepSeek […]

The post Beware of Fake DeepSeek PyPI Packages That Delivers Malware appeared first on Cyber Security News.

A recently patched security vulnerability in the 7-Zip archiver tool was exploited in the wild to deliver the SmokeLoader malware. The flaw, CVE-2025-0411 (CVSS score: 7.0), allows remote attackers to circumvent mark-of-the-web (MotW) protections and execute arbitrary code in the context of the current user. It was addressed by 7-Zip in November 2024 with version 24.09. "The vulnerability was

Nymi launched next-generation wearable authenticator, the Nymi Band 4, which introduces design upgrades and expanded passwordless use cases for regulated industries, while retaining its core authentication functionality. This latest development from Nymi offers industries with complex operations a handsfree solution for passwordless, Multi-Factor Authentication (MFA) that delivers strong security, compliance, and convenience for deskless workers, including manufacturing line operators, laboratory scientists, field technicians, and other critical workers in process-intensive environments. The Nymi Band 4 is … More →

The post Nymi Band 4 delivers passwordless MFA to deskless workers in OT environments appeared first on Help Net Security.

Coyote Banking Trojan targets Brazilian users, stealing data from over 70 financial applications and websites. FortiGuard Labs researchers detected a campaign using LNK files executing PowerShell commands to deploy the Coyote Banking Trojan. Threat actors target Brazilian users by stealing financial data, the malware can harvest sensitive information from over 70 financial applications and numerous […]