Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor

Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor

Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor A new Google malvertising campaign is leveraging a cluster of domains mimicking a legitimate IP scanner software to deliver a previously unknown backdoor dubbed MadMxShell. “The threat actor registered multiple look-alike domains using a typosquatting technique and leveraged Google Ads Read more…

China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws

China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws

China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws A China-linked threat cluster leveraged security flaws in Connectwise ScreenConnect and F5 BIG-IP software to deliver custom malware capable of delivering additional backdoors on compromised Linux hosts as part of an “aggressive” campaign. Google-owned Mandiant is tracking the activity under its uncategorized moniker UNC5174 (aka Read more…

Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer

Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer

Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer Cybersecurity researchers have found a number of GitHub repositories offering cracked software that are used to deliver an information stealer called RisePro. The campaign, codenamed gitgub, includes 17 repositories associated with 11 different accounts, according to G DATA. The repositories Read more…

Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software

Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software

Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software Fortinet has warned of a critical security flaw impacting its FortiClientEMS software that could allow attackers to achieve code execution on affected systems. “An improper neutralization of special elements used in an SQL Command (‘SQL Injection’) vulnerability [CWE-89] in FortiClientEMS may Read more…

Proof-of-Concept Exploit Released for Progress Software OpenEdge Vulnerability

Proof-of-Concept Exploit Released for Progress Software OpenEdge Vulnerability

Proof-of-Concept Exploit Released for Progress Software OpenEdge Vulnerability Technical specifics and a proof-of-concept (PoC) exploit have been made available for a recently disclosed critical security flaw in Progress Software OpenEdge Authentication Gateway and AdminServer, which could be potentially exploited to bypass authentication protections. Tracked as CVE-2024-1403, the vulnerability has a maximum Read more…

Hackers Hijack Software Updates

China-backed Hackers Hijack Software Updates to Implant “NSPX30” Spyware

China-backed Hackers Hijack Software Updates to Implant “NSPX30” Spyware A previously undocumented China-aligned threat actor has been linked to a set of adversary-in-the-middle (AitM) attacks that hijack update requests from legitimate software to deliver a sophisticated implant named NSPX30. Slovak cybersecurity firm ESET is tracking the advanced persistent threat (APT) Read more…

Software Supply Chain

The Unknown Risks of The Software Supply Chain: A Deep-Dive

The Unknown Risks of The Software Supply Chain: A Deep-Dive Jan 24, 2024The Hacker NewsVulnerability / Software Security In a world where more & more organizations are adopting open-source components as foundational blocks in their application’s infrastructure, it’s difficult to consider traditional SCAs as complete protection mechanisms against open-source threats. Read more…