DATE

NAME

INFO

CATEGORY

SUBCATEGORY

31.1.24

Ricoh Printer - Directory and File Exposure

Hardware

Exploit

Remote

31.1.24

PHP Shopping Cart 4.2 - Multiple-SQLi

PHP

Exploit

WebApps

31.1.24

Fundraising Script 1.0 - SQLi

PHP

Exploit

WebApps

31.1.24

Typora v1.7.4 - OS Command Injection

Windows

Exploit

Local

31.1.24

Bank Locker Management System - SQL Injection

PHP

Exploit

WebApps

31.1.24

Blood Bank & Donor Management System using v2.2 - Stored XSS

PHP

Exploit

Remote

31.1.24

Equipment Rental Script-1.0 - SQLi

PHP

Exploit

Remote

31.1.24

7 Sticky Notes v1.9 - OS Command Injection

Windows

Exploit

Local

31.1.24

2024-01-25 - DarkGate activity

Zip files are password-protected. Of note, this site has a new password scheme. For the password, see the "about" page of this website.

Malware traffic

Malware traffic

31.1.24

2024-01-23 - UltraVNC infection

Zip files are password-protected. Of note, this site has a new password scheme. For the password, see the "about" page of this website.

Malware traffic

Malware traffic

31.1.24

Grandoreiro

Grandoreiro is one of the many Latin American banking trojans such as Javali, Melcoz, Casabeniero, Mekotio, and Vadokrist, primarily targeting countries like Spain, Mexico, Brazil, and Argentina.

Malware

Banking

31.1.24

CVE-2024-0402

An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace.

Vulnerability

CVE

31.1.24

Mustang Panda

Stately Taurus Targets Myanmar Amidst Concerns over Military Junta’s Handling of Rebel Attacks

APT

APT

31.1.24

Rage Stealer

From Screen Captures to Crypto wallets: Analyzing the Multi-Faceted Threat of Rage Stealer

Malware

Stealer

31.1.24

Monster Stealer

RUSSIAN STEALER LOG AGGREGATOR RELEASES FULLY NATIVE INFOSTEALER

Malware

Stealer

31.1.24

ZLoader

Zloader: No Longer Silent in the Night

Malware

Trojan

30.1.24

CVE-2024-21619

(CVSS score: 5.3) - A missing authentication vulnerability that could lead to exposure of sensitive configuration information

Vulnerability

CVE

30.1.24

CVE-2024-21620

(CVSS score: 8.8) - A cross-site scripting (XSS) vulnerability that could lead to the execution of arbitrary commands with the target's permissions by means of a specially crafted request

Vulnerability

CVE

30.1.24

CVE-2023-35636

Microsoft Outlook Information Disclosure Vulnerability

Vulnerability

CVE

30.1.24

NONAME

Older Leaks Re-Surfaces: LOCKBIT Imitator on Surface Web

Ransomware

Ransomware

30.1.24

Mimus

Mimo CoinMiner and Mimus Ransomware Installed via Vulnerability Attacks

Ransomware

Ransomware

30.1.24

Kuiper

Kuiper ransomware analysis: Stairwell’s technical report

Ransomware

Ransomware

30.1.24

Kasseika

The ransomware group known as Kasseika has become the latest to leverage the Bring Your Own Vulnerable Driver (BYOVD) attack to disarm security-related processes on compromised Windows hosts, joining the likes of other groups like Akira, AvosLocker, BlackByte, and RobbinHood.

Ransomware

Ransomware

30.1.24

Albabat

On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community.

Ransomware

Ransomware

30.1.24

Phobos

Another Phobos Ransomware Variant Launches Attack – FAUST

Ransomware

Ransomware

29.1.24

LODEINFO

LODEINFO is a fileless malware that has been observed in campaigns that start with spear-phishing emails since December 2019.

Malware

Backdoor

29.1.24

CVE-2024-23897

Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.

Vulnerability

CVE

29.1.24

SystemBC

Inside the SYSTEMBC Command-and-Control Server

Malware

Trojan

29.1.24

CVE-2024-20253

A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device.

Vulnerability

CVE

29.1.24

Midnight Blizzard

Midnight Blizzard: Guidance for responders on nation-state attack

APT

APT

29.1.24

AllaKore RAT

AllaKore is a simple Remote Access Tool written in Delphi, first observed in 2015 but still in early stages of development.

Malware

RAT

29.1.24

Kasseika

Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver 

Ransomware

Ransomware

29.1.24

CherryLoader

CherryLoader: A New Go-based Loader Discovered in Recent Intrusions

Malware

GO base

29.1.24

MavenGate

Android, Java apps susceptible to novel MavenGate software supply chain attack technique

Attack

Supply chain

29.1.24

RokRAT

It is a backdoor commonly distributed as an encoded binary file downloaded and decrypted by shellcode following the exploitation of weaponized documents.

Malware

RAT

29.1.24

CVE-2024-23222

A type confusion issue was addressed with improved checks. This issue is fixed in tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3.

Vulnerability

CVE

29.1.24

CVE-2023-22527

A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance.

Vulnerability

CVE

29.1.24

ZuRu

A malware that was observed being embedded alongside legitimate applications (such as iTerm2) offered for download on suspicious websites pushed in search engines. It uses a Python script to perform reconnaissance on the compromised system and pulls additional payload(s).

Malware

MacOS

29.1.24

Glupteba

Glupteba is a trojan horse malware that is one of the top ten malware variants of 2021. After infecting a system, the Glupteba malware can be used to deliver additional malware, steal user authentication information, and enroll the infected system in a cryptomining botnet.

Malware

Cryptomining

29.1.24

WhiteSnake Stealer

Info Stealing Packages Hidden in PyPI

Malware

Python

21.1.24

CVE-2023-20867

A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.

Vulnerability

CVE

21.1.24

CVE-2023-34048

vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution.

Vulnerability

CVE

20.1.24

GPU kernel implementations susceptible to memory leak

General-purpose graphics processing unit (GPGPU) platforms from AMD, Apple, and Qualcomm fail to adequately isolate process memory, thereby enabling a local attacker to read memory from other processes.

Alert

Alert

20.1.24

SMTP end-of-data uncertainty can be abused to spoof emails and bypass policies

A vulnerability has been found in the way that SMTP servers and software handle the end-of-data sequences (essentially the end of a single email message) in mail messages.

Alert

Alert

20.1.24

Vulnerabilities in EDK2 NetworkPkg IP stack implementation.

Multiple vulnerabilities were discovered in the TCP/IP stack (NetworkPkg) of Tianocore EDKII, an open source implementation of Unified Extensible Firmware Interface (UEFI).

Alert

Alert

20.1.24

Brute Force: Password Spraying

Adversaries may use a single or small list of commonly used passwords against many different accounts to attempt to acquire valid account credentials.

Attack

Brute Force

20.1.24

WasabiSeed

Screentime: Sometimes It Feels Like Somebody's Watching Me

Malware

VBS

20.1.24

TA866

Security Brief: TA866 Returns with a Large Email Campaign

Group

Campaign

19.1.24

ZuRu

Jamf Threat Labs discovers new malware embedded in pirated applications

Malware

OSX

19.1.24

CVE-2023-35078

An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication.

Vulnerability

CVE

19.1.24

CVE-2023-35082

An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication.

Vulnerability

CVE

19.1.24

XMRig

Containerised Clicks: Malicious use of 9hits on vulnerable docker hosts

Cryptocurrency

Cryptocurrency

19.1.24

COLDRIVER

Russian threat group COLDRIVER expands its targeting of Western officials to include the use of malware

Group

Group

19.1.24

CVE-2023-45229

(CVSS score: 6.5) - Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message

Vulnerability

CVE

19.1.24

CVE-2023-45230

(CVSS score: 8.3) - Buffer overflow in the DHCPv6 client via a long Server ID option

Vulnerability

CVE

19.1.24

CVE-2023-45231

(CVSS score: 6.5) - Out-of-bounds read when handling a ND Redirect message with truncated options

Vulnerability

CVE

19.1.24

CVE-2023-45232

(CVSS score: 7.5) - Infinite loop when parsing unknown options in the Destination Options header

Vulnerability

CVE

19.1.24

CVE-2023-45233

(CVSS score: 7.5) - Infinite loop when parsing a PadN option in the Destination Options header

Vulnerability

CVE

19.1.24

CVE-2023-45234

(CVSS score: 8.3) - Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message

Vulnerability

CVE

19.1.24

CVE-2023-45235

(CVSS score: 8.3) - Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message

Vulnerability

CVE

19.1.24

CVE-2023-45236

(CVSS score: 5.8) - Predictable TCP Initial Sequence Numbers

Vulnerability

CVE

19.1.24

CVE-2023-45237

(CVSS score: 5.3) - Use of a weak pseudorandom number generator

Vulnerability

CVE

18.1.24

Mint Sandstorm

New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs

Campaign

Campaign

18.1.24

Android-based PAX POS

Banking companies worldwide are finally shifting away from custom-made Point of Sale (POS) devices towards the wildly adopted and battle-tested Android operating system.

Vulnerability

CVE

18.1.24

CVE-2017-9841

(PHP Unit Command)

Vulnerability

CVE

18.1.24

CVE-2021-41773

(Apache HTTP Server versions)

Vulnerability

CVE

18.1.24

CVE-2018-15133

(Laravel applications)

Vulnerability

CVE

18.1.24

AndroxGh0st

CISA and FBI Release Known IOCs Associated with Androxgh0st Malware

Malware

Android

18.1.24

iShutdown

A lightweight method to detect potential iOS malware

Hacking

iOS

18.1.24

CVE-2024-0507

An attacker with access to a Management Console user account with the editor role could escalate privileges through a command injection vulnerability in the Management Console.

Vulnerability

CVE

18.1.24

CVE-2024-0200

An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution.

Vulnerability

CVE

17.1.24

CVE-2023-22527

A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance.

Vulnerability

CVE

17.1.24

CVE-2023-34063 

VMware Aria Automation (formerly vRealize Automation) updates address a Missing Access Control vulnerability (CVE-2023-34063)

Vulnerability

CVE

17.1.24

CVE-2023-4966

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

Vulnerability

CVE

17.1.24

CVE-2023-3519

Unauthenticated remote code execution

Vulnerability

CVE

17.1.24

CVE-2023-6549

(CVSS score: 8.2) - Denial-of-service (requires that the appliance be configured as a Gateway or authorization and accounting, or AAA, virtual server)

Vulnerability

CVE

17.1.24

CVE-2023-6548

(CVSS score: 5.5) - Authenticated (low privileged) remote code execution on Management Interface (requires access to NSIP, CLIP, or SNIP with management interface access)

Vulnerability

CVE

17.1.24

CVE-2024-0519

Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

Vulnerability

CVE

17.1.24

CVE-2022-22274

(CVSS score: 9.4) - A stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote, unauthenticated attacker to cause DoS or potentially result in code execution in the firewall.

Vulnerability

CVE

17.1.24

CVE-2023-0656 

(CVSS score: 7.5) - A stack-based buffer overflow vulnerability in the SonicOS allows a remote, unauthenticated attacker to cause DoS, which could result in a crash.

Vulnerability

CVE

17.1.24

Remcos RAT

Remcos RAT Being Distributed via Webhards

Malware

RAT

16.1.24

Phemedrone

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign

Malware

Stealer

16.1.24

CVE-2023-36025 

Windows SmartScreen Security Feature Bypass Vulnerability

Vulnerability

CVE

15.1.24

CVE-2023-49722

(CVSS score: 8.3), the high-severity vulnerability was addressed by Bosch in November 2023.

Vulnerability

CVE

14.1.24

CVE-2023-28771

Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device.

Vulnerability

CVE

13.1.24

CVE-2024-21611

A Missing Release of Memory after Effective Lifetime vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).

Vulnerability

CVE

13.1.24

CVE-2024-21591

An Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS), or Remote Code Execution (RCE) and obtain root privileges on the device.

Vulnerability

CVE

12.1.24

Medusa

Medusa Ransomware Turning Your Files into Stone

Ransomware

Ransomware

12.1.24

Hadoop attack flow

Apache Applications Targeted by Stealthy Attacker

Attack

Apache

12.1.24

CVE-2023-24955

Microsoft SharePoint Server Remote Code Execution Vulnerability

Vulnerability

CVE

12.1.24

CVE-2023-29357

Microsoft SharePoint Server Elevation of Privilege Vulnerability

Vulnerability

CVE

12.1.24

Flying Under the Radar: Abusing GitHub for Malicious Infrastructure

GitHub's services are frequently abused both by cybercriminals and advanced persistent threats (APTs) for a wide range of malicious infrastructure schemes.

Library

Reports

12.1.24

CVE-2023-51467

The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code

Vulnerability

CVE

12.1.24

CVE-2023-49070

Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10. Users are recommended to upgrade to version 18.12.10

Vulnerability

CVE

12.1.24

CVE-2023-51467

The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code

Vulnerability

CVE

12.1.24

FBot 

Exploring FBot | Python-Based Malware Targeting Cloud and Payment Services

Malware

Linux

11.1.24

AMOS

Mac users targeted in new malvertising campaign delivering Atomic Stealer

Malware

osx

11.1.24

CVE-2023-46805

(CVSS score: 8.2) - An authentication bypass vulnerability in the web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.

Vulnerability

CVE

11.1.24

CVE-2024-21887

(CVSS score: 9.1) - A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.

Vulnerability

CVE

11.1.24

CVE-2024-20287

A vulnerability in the web-based management interface of the Cisco WAP371 Wireless-AC/N Dual Radio Access Point (AP) with Single Point Setup could allow an authenticated, remote attacker to perform command injection attacks against an affected device.

Vulnerability

CVE

11.1.24

CVE-2024-20272

This vulnerability is due to a lack of authentication in a specific API and improper validation of user-supplied data.

Vulnerability

CVE

11.1.24

NoaBot

You Had Me at Hi — Mirai-Based NoaBot Makes an Appearance

Malware

Bot

10.1.24

Babuk

Babuk is a Russian ransomware. In September 2021, the source code leaked with some of the decryption keys. Victims can decrypt their files for free.

Ransomware

Anti-Tool

10.1.24

CVE-2024-20677

Microsoft Office Remote Code Execution Vulnerability

Vulnerability

CVE

10.1.24

CVE-2024-0056

(CVSS score: 8.7), a security bypass affecting System.Data.SqlClient and Microsoft.Data.SqlClient.

Vulnerability

CVE

10.1.24

CVE-2024-20653

(CVSS score: 7.8), a privilege escalation flaw impacting the Common Log File System (CLFS) driver

Vulnerability

CVE

10.1.24

CVE-2024-20674 

(CVSS score: 9.0) - Windows Kerberos Security Feature Bypass Vulnerability

Vulnerability

CVE

10.1.24

CVE-2024-20700 

(CVSS score: 7.5) - Windows Hyper-V Remote Code Execution Vulnerability

Vulnerability

CVE

10.1.24

CVE-2023-27524

(CVSS score: 8.9), a high-severity vulnerability impacting the Apache Superset open-source data visualization software that could enable remote code execution.

Vulnerability

CVE

10.1.24

CVE-2023-23752

(CVSS score: 5.3) - Joomla! Improper Access Control Vulnerability

Vulnerability

CVE

10.1.24

CVE-2016-20017

(CVSS score: 9.8) - D-Link DSL-2750B Devices Command Injection Vulnerability

Vulnerability

CVE

10.1.24

CVE-2023-41990

(CVSS score: 7.8) - Apple Multiple Products Code Execution Vulnerability

Vulnerability

CVE

10.1.24

CVE-2023-29300

(CVSS score: 9.8) - Adobe ColdFusion Deserialization of Untrusted Data Vulnerability

Vulnerability

CVE

10.1.24

CVE-2023-38203

(CVSS score: 9.8) - Adobe ColdFusion Deserialization of Untrusted Data Vulnerability

Vulnerability

CVE

10.1.24

PikaBot

Introducing Pikabot, an emerging malware family that comprises a downloader/installer, a loader, and a core backdoor component.

Malware

Loader

10.1.24

DB#JAMMER

Securonix Threat Labs Security Advisory: Threat Actors Target MSSQL Servers in DB#JAMMER to Deliver FreeWorld Ransomware

Campaign

Campaign

10.1.24

RE#TURGENCE

Securonix Threat Research Security Advisory: New RE#TURGENCE Attack Campaign: Turkish Hackers Target MSSQL Servers to Deliver Domain-Wide MIMIC Ransomware

Operation

Operation

9.1.24

CVE-2023-47559

A cross-site scripting (XSS) vulnerability in QuMagie that could allow authenticated users to inject malicious code via a network (Addressed in QuMagie 2.2.1 and later)

Vulnerability

CVE

9.1.24

CVE-2023-47560

An operating system command injection vulnerability in QuMagie that could allow authenticated users to execute commands via a network (Addressed in QuMagie 2.2.1 and later)

Vulnerability

CVE

9.1.24

CVE-2023-41287

An SQL injection vulnerability in Video Station that could allow users to inject malicious code via a network (Addressed in Video Station 5.7.2 and later)

Vulnerability

CVE

9.1.24

CVE-2023-41288

An operating system command injection vulnerability in Video Station that could allow users to execute commands via a network (Addressed in Video Station 5.7.2 and later)

Vulnerability

CVE

9.1.24

CVE-2022-43634

An unauthenticated remote code execution vulnerability in Netatalk that could allow attackers to execute arbitrary code (Addressed in QTS 5.1.3.2578 build 20231110 and QuTS hero h5.1.3.2578 build 20231110)

Vulnerability

CVE

9.1.24

Lumma Stealer

Deceptive Cracked Software Spreads Lumma Variant on YouTube

Malware

Stealer

9.1.24

Silver RAT

A GAMER TURNED MALWARE DEVELOPER : DIVING INTO SILVERRAT AND IT’S SYRIAN ROOTS

Malware

RAT

6.1.24

SpectralBlur

Today will be a quick post on a TA444 (aka Sapphire Sleet, BLUENOROFF, STARDUST CHOLLIMA) Macho family tracked as SpectralBlur we found in August, and how finding it led us to stumble upon an early iteration of KANDYKORN (aka SockRacket). Please read Elastic’s EXCELLENT piece on that family.

Malware

macOS

6.1.24

No-Justice

Wiper attack on Albania by Iranian APT

Malware

Wiper

5.1.24

Kyivstar

Exclusive: Russian hackers were inside Ukraine telecoms giant for months

Incident

Incident

5.1.24

CVE-2023-39336

Win32k Elevation of Privilege Vulnerability

Vulnerability

CVE

5.1.24

Bandook RAT

Bandook - A Persistent Threat That Keeps Evolving

Malware

RAT

5.1.24

Remcos RAT

Ukraine Targeted by UAC-0050 Using Remcos RAT Pipe Method for Evasion

Malware

RAT

3.1.24

WhiteSnake Stealer

WhiteSnake Stealer malware sample on MalwareBazaar

Malware

Stealer

3.1.24

RisePro

RisePro is a stealer that is spread through downloaders like win.privateloader. Once executed on a system, the malware can steal credit card information, passwords, and personal data.

Malware

Stealer

3.1.24

SMTP Smuggling - Spoofing E-Mails Worldwide

In the course of a research project in collaboration with the SEC Consult Vulnerability Lab, Timo Longin (@timolongin) - known for his DNS protocol attacks - discovered a novel exploitation technique for yet another Internet protocol - SMTP (Simple Mail Transfer Protocol). Threat actors could abuse vulnerable SMTP servers worldwide to send malicious e-mails from arbitrary e-mail addresses, allowing targeted phishing attacks. Due to the nature of the exploit itself, this type of vulnerability was dubbed SMTP smuggling. Multiple 0-days were discovered, and various vendors were notified during our responsible disclosure in 2023.

Hacking

SPAM

1.1.24

Hijack Execution Flow: DLL Search Order Hijacking

Adversaries may execute their own malicious payloads by hijacking the search order used to load DLLs. Windows systems use a common method to look for required DLLs to load into a program. Hijacking DLL loads may be for the purpose of establishing persistence as well as elevating privileges and/or evading restrictions on file execution.

Hacking

DLL

1.1.24

CVE-2023-48795

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack.

Vulnerability

CVE

1.1.24

Terrapin Attack

Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation

Attack

SSH

1.1.24

Meduza Stealer

On Christmas Eve, Resecurity's HUNTER (HUMINT) spotted that the author of the perspective password stealer Meduza has released a new version (2.2).

Malware

Stealer

1.1.24

Jinx

Jinx – Malware 2.0 We know it’s big, we measured it!

Malware

Stealer