A blind XPath injection vulnerability has been uncovered in Apache Ivy, a component of the Apache Software Foundation, which permits malicious actors to surreptitiously retrieve sensitive data that is normally restricted to the host running Apache Ivy. This security flaw is present in versions prior to 2.5.2 and occurs during the parsing of XML files …
Two Server-Side Request Forgery (SSRF) vulnerabilities have been identified in Apache Batik, potentially enabling malicious actors to gain unauthorized access to sensitive data within the Apache Batik application. These vulnerabilities specifically pertain to Apache XML Graphics Batik and have been assigned the CVE IDs CVE-2022-44729 and CVE-2022-44730. Apache Batik is a Java-based application toolkit employed …
Vulnerabilities in Apache XML Graphics Batik Expose Confidential Data Read More »
Over the past half-year, there has been a significant uptick, a staggering 61-fold increase, in the utilization of Cloudflare R2 by threat actors for hosting phishing pages. According to Jan Michael, a security researcher at Netskope, these phishing campaigns primarily focus on acquiring Microsoft login credentials, although there are instances targeting Adobe, Dropbox, and various …
While many Citrix Netscaler servers have been patched for a vulnerability known since July, attackers still maintain access. Security researchers from Fox-IT and the Dutch Institute of Vulnerability Disclosure (DIVD) jointly investigated a hacking campaign where malicious actors established webshells on Citrix Netscaler servers vulnerable to the CVE-2023-3519 security flaw. In total, nearly 2,000 systems …
Germany has the highest number of hacked Netscaler servers Read More »
Around 2,000 Citrix NetScaler instances have fallen victim to a backdoor attack, leveraging a recently disclosed critical security vulnerability as part of a widespread assault. According to an advisory from NCC Group, released on Tuesday, it appears that an attacker exploited CVE-2023-3519 in an automated manner, implanting web shells on vulnerable NetScalers to establish persistent …
Critical Vulnerability Exploited to Compromise Nearly 2,000 Citrix NetScaler Instances Read More »
HPE Aruba Networking has identified two critical vulnerabilities, CVE-2023-38401 and CVE-2023-38402, affecting their Virtual Intranet Access (VIA) client designed for Microsoft Windows. In the event of a successful exploit, an attacker gains the ability to overwrite files without authorization. HPE Aruba Networking has taken immediate action to mitigate these high-severity vulnerabilities by releasing an update. …
Vulnerabilities in HPE Aruba Networking Products Enable Unauthorized File Overwriting Read More »
A vulnerability in the web-based management interface of both Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) has been identified. Cisco Unified CM is primarily used for managing voice and video calls, while Cisco Unified CM SME handles session routing intelligence. This vulnerability allows a remote …
The cybercrime group responsible for Raccoon Stealer has made a comeback after a six-month break, unveiling version 2.3.0 of their malware. This version, aimed at cybercriminals, is being advertised on hacker forums. The group’s resurgence follows several setbacks in 2022, leading to a temporary shutdown of their operations. New Features and Updates in Version 2.3.0: …
The Raccoon Stealer Makes a Comeback with Enhanced Evasion Features Read More »
A critical security vulnerability has been identified in Python’s URL parsing function, urllib.parse, specifically affecting its ability to correctly handle URLs starting with blank characters. This flaw, assigned the identifier CVE-2023-24329 with a CVSS score of 7.5, poses a risk as it can be exploited to circumvent domain or protocol blocklists, potentially leading to unauthorized …
Python URL Parsing Vulnerability Opens Door to Command Execution Attacks Read More »
ChatGPT, quickly amassing over 100 million users following its release, has been part of a trend involving advanced models like GPT-4 and various smaller versions. These Large Language Models (LLMs) find extensive applications, yet their flexibility with natural prompts presents vulnerabilities. This susceptibility notably includes Prompt Injection attacks, where attackers can circumvent controls. The line …
Hackers Successfully Breach ChatGPT Model Using Indirect Prompt Injection Technique Read More »