exploit

  • Blog
    digitpatrox1 week ago
    78

    Fake LDAPNightmware exploit on GitHub spreads infostealer malware

    A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka “LDAPNightmare”) on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. The tactic isn’t novel, as there have been multiple documented cases of malicious tools disguised as PoC exploits on GitHub. However, this case, discovered by Trend Micro, highlights that threat actors continue to use the…

    Read More »
  • Blog
    digitpatrox3 weeks ago
    48

    Malware botnets exploit outdated D-Link routers in recent attacks

    Two botnets tracked as ‘Ficora’ and ‘Capsaicin’ have recorded increased activity in targeting D-Link routers that have reached end of life or are running outdated firmware versions. The list of targets includes popular D-Link devices used by individuals and organizations such as DIR-645, DIR-806, GO-RT-AC750, and DIR-845L. For initial access, the two pieces of malware use known exploits for CVE-2015-2051,…

    Read More »
  • Blog
    digitpatrox3 weeks ago
    39

    Hackers exploit Four-Faith router flaw to open reverse shells

    Threat actors are exploiting a post-authentication remote command injection vulnerability in Four-Faith routers tracked as CVE-2024-12856 to open reverse shells back to the attackers. The malicious activity was discovered by VulnCheck, who informed Four-Faith about the active exploitation on December 20, 2024. However, it is unclear if security updates for the vulnerability are currently available. “We notified Four-Faith and our…

    Read More »
  • Blog
    digitpatrox4 weeks ago
    46

    Hackers exploit DoS flaw to disable Palo Alto Networks firewalls

    Palo Alto Networks is warning that hackers are exploiting the CVE-2024-3393 denial of service vulnerability to disable firewall protections by forcing it to reboot. Leveraging the security issue repeatedly, however, causes the device to enter maintenance mode and manual intervention is required to restore it to normal operations. “A Denial of Service vulnerability in the DNS Security feature of Palo Alto…

    Read More »
  • Blog
    digitpatrox4 weeks ago
    52

    Adobe warns of critical ColdFusion bug with PoC exploit code

    Adobe has released out-of-band security updates to address a critical ColdFusion vulnerability with proof-of-concept (PoC) exploit code. In an advisory released on Monday, the company says the flaw (tracked as CVE-2024-53961) is caused by a path traversal weakness that impacts Adobe ColdFusion versions 2023 and 2021 and can enable attackers to read arbitrary files on vulnerable servers. “Adobe is aware that CVE-2024-53961…

    Read More »
  • Blog
    digitpatroxDecember 4, 2024
    59

    Exploit released for critical WhatsUp Gold RCE flaw, patch now

    A proof-of-concept (PoC) exploit for a critical-severity remote code execution flaw in Progress WhatsUp Gold has been published, making it critical to install the latest security updates as soon as possible. The flaw is tracked as CVE-2024-8785 (CVSS v3.1 score: 9.8) and was discovered by Tenable in mid-August 2024. It exists in the NmAPI.exe process in WhatsUp Gold versions from…

    Read More »
  • Blog
    digitpatroxNovember 28, 2024
    56

    Hackers exploit ProjectSend flaw to backdoor exposed servers

    Threat actors are using public exploits for a critical authentication bypass flaw in ProjectSend to upload webshells and gain remote access to servers. The flaw, tracked as CVE-2024-11680, is a critical authentication bug impacting ProjectSend versions before r1720, allowing attackers to send specially crafted HTTP requests to ‘options.php’ to change the application’s configuration. Successful exploitation allows the creation of rogue…

    Read More »
  • Blog
    digitpatroxNovember 19, 2024
    71

    Chinese hackers exploit Fortinet VPN zero-day to steal credentials

    Chinese threat actors use a custom post-exploitation toolkit named ‘DeepData’ to exploit a zero-day vulnerability in Fortinet’s FortiClient Windows VPN client that steal credentials. The zero-day allows the threat actors to dump the credentials from memory after the user authenticated with the VPN device Volexity researchers report that they discovered this flaw earlier this summer and reported it to Fortinet, but…

    Read More »
  • Blog
    digitpatroxOctober 24, 2024
    155

    Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day

    The North Korean Lazarus hacking group exploited a Google Chrome zero-day tracked as CVE-2024-4947 through a fake decentralized finance (DeFi) game targeting individuals in the cryptocurrency space. Kaspersky discovered the attacks on May 13, 2024, and reported the Chrome zero-day flaw to Google. Google issued a fix for CVE-2024-4947 on May 25, with Chrome version 125.0.6422.60/.61. Lazarus tank games Kaspersky discovered the…

    Read More »
  • Blog
    digitpatroxOctober 22, 2024
    91

    Hackers exploit Roundcube webmail flaw to steal email, credentials

    Threat actors have been exploiting a vulnerability in the Roundcube Webmail client to target government organizations in the Commonwealth of Independent States (CIS) region, the successor of the former Soviet Union. An attack was discovered by Russian cybersecurity company Positive Technologies in September, but the researchers determined that the threat actor activity had started in June. Roundcube Webmail is an…

    Read More »
Load More
Back to top button
close