Aggregator

CVE-2020-11987 | Oracle Retail Order Broker 15.0/16.0 Apache Batik input validation (Nessus ID 242417)

Vuldb Updates
2 months ago
A vulnerability was found in Oracle Retail Order Broker 15.0/16.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Apache Batik. The manipulation leads to improper input validation. This vulnerability is known as CVE-2020-11987. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2020-11987 | Oracle Retail Order Management System Cloud Service 19.5 Apache Batik input validation (Nessus ID 242417)

Vuldb Updates
2 months ago
A vulnerability was found in Oracle Retail Order Management System Cloud Service 19.5. It has been rated as critical. Affected by this issue is some unknown functionality of the component Apache Batik. The manipulation leads to improper input validation. This vulnerability is handled as CVE-2020-11987. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2020-11987 | Oracle Insurance Policy Administration up to 11.3.1 Apache Batik input validation (Nessus ID 242417)

Vuldb Updates
2 months ago
A vulnerability has been found in Oracle Insurance Policy Administration up to 11.3.1 and classified as critical. This vulnerability affects unknown code of the component Apache Batik. The manipulation leads to improper input validation. This vulnerability was named CVE-2020-11987. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Cybercriminals Use Zoho WorkDrive Folders to Spread Obfuscated PureRAT Malware

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
2 months ago

A targeted attack against a U.S.-based certified public accounting firm was discovered in May 2025 by cybersecurity experts, according to a recent study described in eSentire’s Threat Response Unit (TRU) Positives report. The campaign leveraged a novel crypter named “Ghost Crypt” to deliver PureRAT, a Remote Access Trojan (RAT) that has surged in prevalence throughout […]

The post Cybercriminals Use Zoho WorkDrive Folders to Spread Obfuscated PureRAT Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

21st July – Threat Intelligence Report

Check Point Research
2 months ago

For the latest discoveries in cyber research for the week of 21st July, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Luxury retailer Louis Vuitton has suffered a cyber-attack that resulted in the exfiltration of certain personal data of customers from the UK, South Korea, Turkey, Italy, and Sweden after unauthorized access to […]

The post 21st July – Threat Intelligence Report appeared first on Check Point Research.

[email protected]

NailaoLocker Ransomware Attacking Windows Systems Using Chinese SM2 Cryptographic Standard

Cyber Security News
2 months ago

FortiGuard Labs has discovered a sophisticated new ransomware strain called NailaoLocker that represents a significant departure from conventional encryption malware. This Windows-targeting threat introduces the first documented use of China’s SM2 cryptographic standard in ransomware operations, marking a notable shift toward region-specific cryptographic implementations in cybercriminal activities. The malware’s name, derived from the Chinese word […]

The post NailaoLocker Ransomware Attacking Windows Systems Using Chinese SM2 Cryptographic Standard appeared first on Cyber Security News.

Tushar Subhra Dutta

APT41 Hackers Exploiting Atexec and WmiExec Windows Modules for Malware Deployment

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
2 months ago

Kaspersky MDR analysts recently uncovered a sophisticated targeted attack by the Chinese-speaking cyberespionage group APT41 against government IT services in the African region, marking a notable escalation in the group’s activity on the continent, which had previously seen minimal incidents from this actor. The attackers embedded hardcoded names of internal services, IP addresses, and proxy […]

The post APT41 Hackers Exploiting Atexec and WmiExec Windows Modules for Malware Deployment appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

MuddyWater deploys new DCHSpy variants amid Iran-Israel conflict

Security Affairs
2 months ago
Iran-linked APT MuddyWater is deploying new DCHSpy spyware variants to target Android users amid the ongoing conflict with Israel. Lookout researchers observed Iran-linked APT MuddyWater  (aka SeedWorm, TEMP.Zagros, and Static Kitten) is deploying a new version of the DCHSpy Android spyware in the context of the Israel-Iran conflict. The first MuddyWater campaign was observed in late 2017, when the APT group targeted entities in […]
Pierluigi Paganini

Managed ad