javascript

October 18, 2023

New Admin Takeover Vulnerability Exposed in Synology’s DiskStation Manager

A medium-severity flaw has been discovered in Synology’s DiskStation Manager (DSM) that could be exploited to decipher an administrator’s password…
Read More »
October 16, 2023

Binance’s Smart Chain Exploited in New ‘EtherHiding’ Malware Campaign

Threat actors have been observed serving malicious code by utilizing Binance’s Smart Chain (BSC) contracts in what has been described…
Read More »
October 11, 2023

Over 17,000 WordPress Sites Compromised by Balada Injector in September 2023

More than 17,000 WordPress websites have been compromised in the month of September 2023 with malware known as Balada Injector,…
Read More »
October 10, 2023

New Magecart Campaign Alters 404 Error Pages to Steal Shoppers’ Credit Cards

A sophisticated Magecart campaign has been observed manipulating websites’ default 404 error page to conceal malicious code in what’s been…
Read More »
October 10, 2023

libcue Library Flaw Opens GNOME Linux Systems Vulnerable to RCE Attacks

A new security flaw has been disclosed in the libcue library impacting GNOME Linux systems that could be exploited to…
Read More »
October 6, 2023

Supermicro’s BMC Firmware Found Vulnerable to Multiple Critical Vulnerabilities

Multiple security vulnerabilities have been disclosed in the Intelligent Platform Management Interface (IPMI) firmware for Supermicro baseboard management controllers (BMCs)…
Read More »
October 5, 2023

Analysis and Config Extraction of Lu0Bot, a Node.js Malware with Considerable Capabilities

Nowadays, more malware developers are using unconventional programming languages to bypass advanced detection systems. The Node.js malware Lu0Bot is a…
Read More »
October 3, 2023

Over 3 Dozen Data-Stealing Malicious npm Packages Found Targeting Developers

Nearly three dozen counterfeit packages have been discovered in the npm package repository that are designed to exfiltrate sensitive data…
Read More »
September 29, 2023

Progress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP Server

Progress Software has released hotfixes for a critical security vulnerability, alongside seven other flaws, in the WS_FTP Server Ad hoc…
Read More »
September 28, 2023

GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions

A new malicious campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an…
Read More »

Previous page Next page