Category Archives: Security

Malware dev lures child exploiters into honeytrap to extort them

A malware developer has taken an unusual approach by creating a malicious campaign targeting individuals searching for child exploitation material. The malware, dubbed ‘CryptVPN,’ poses as a subscription service for accessing illicit content. Users are enticed with a free download but end up installing ransomware instead. Once infected, their wallpaper changes to an extortion demand,…

New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth

A new information stealer, likely a variant of RedLine Stealer, has emerged, utilizing Lua bytecode for enhanced stealth. RedLine Stealer, documented since March 2020, targets cryptocurrency wallets, VPNs, and browsers for sensitive data. McAfee found the malware abusing GitHub, disguising itself as game cheats in ZIP files, leveraging Microsoft repositories. The malware, spread via MSI…

GitHub comments abused to push malware via Microsoft repo URLs

The Forminator WordPress plugin, utilized in over 500,000 sites, contains a critical flaw enabling unrestricted file uploads, putting sensitive information at risk and potentially causing denial-of-service conditions. Three vulnerabilities, including insufficient file validation, SQL injection, and cross-site scripting, affect various plugin versions. Site admins should update to version 1.29.3 immediately. Despite a security update, 320,000…

Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack

Palo Alto Networks discloses a critical vulnerability, CVE-2024-3400, in PAN-OS actively exploited by threat actors. This intricate flaw combines two bugs in PAN-OS versions 10.2, 11.0, and 11.1, enabling unauthenticated remote shell command execution when chained together. Threat actor UTA0218 conducted a two-stage attack, known as Operation MidnightEclipse, utilizing a backdoor called UPSTYLE. Despite initial…

CrushFTP warns users to patch exploited zero-day “immediately”

CrushFTP has issued a warning to its users regarding an actively exploited zero-day vulnerability, urging immediate patching. The flaw allows unauthenticated attackers to access system files beyond the user’s virtual file system. However, those using a DMZ perimeter network are partially shielded. Users are advised to update…
