30Mar
[webapps] Device Manager Express 7.8.20002.47752 – Remote Code Execution (RCE)
Device Manager Express 7.8.20002.47752 – Remote Code Execution (RCE)
30Mar
[webapps] myBB forums 1.8.26 – Stored Cross-Site Scripting (XSS)
myBB forums 1.8.26 – Stored Cross-Site Scripting (XSS)
30Mar
[webapps] Ecommerse v1.0 – Cross-Site Scripting (XSS)
Ecommerse v1.0 – Cross-Site Scripting (XSS)
29Mar
Spyware Vendors Caught Exploiting Zero-Day Vulnerabilities on Android and iOS Devices
A number of zero-day vulnerabilities that were addressed last year were exploited by commercial spyware vendors to target Android and iOS devices, Google’s Threat Analysis Group (TAG) has revealed.
The two distinct campaigns were both limited and highl…
29Mar
Mélofée: Researchers Uncover New Linux Malware Linked to Chinese APT Groups
An unknown Chinese state-sponsored hacking group has been linked to a novel piece of malware aimed at Linux servers.
French cybersecurity firm ExaTrack, which found three samples of the previously documented malicious software that date back to early 2…
29Mar
Smart Mobility has a Blindspot When it Comes to API Security
The emergence of smart mobility services and applications has led to a sharp increase in the use of APIs in the automotive industry. However, this increased reliance on APIs has also made them one of the most common attack vectors. According to Gartner…
29Mar
How to Build a Research Lab for Reverse Engineering — 4 Ways
Malware analysis is an essential part of security researcher’s work. But working with malicious samples can be dangerous — it requires specialized tools to record their activity, and a secure environment to prevent unintended damage.
However, manual la…
29Mar
Apk.Sh – Makes Reverse Engineering Android Apps Easier, Automating Some Repetitive Tasks Like Pulling, Decoding, Rebuilding And Patching An APK
apk.sh is a Bash script that makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK. Features apk.sh basically uses apktool to disassemble, decode and rebuild resources…
29Mar
Trojanized TOR Browser Installers Spreading Crypto-Stealing Clipper Malware
Trojanized installers for the TOR anonymity browser are being used to target users in Russia and Eastern Europe with clipper malware designed to siphon cryptocurrencies since September 2022.
“Clipboard injectors […] can be silent for years, show no n…
29Mar
North Korean APT43 Group Uses Cybercrime to Fund Espionage Operations
A new North Korean nation-state cyber operator has been attributed to a series of campaigns orchestrated to gather strategic intelligence that aligns with Pyongyang’s geopolitical interests since 2018.
Google-owned Mandiant, which is tracking the activ…
