VMware fixes bad patch for critical vCenter Server RCE flaw
VMware has released another security update for CVE-2024-38812, a critical VMware vCenter Server remote code execution vulnerability that was not correctly fixed in the first patch from September 2024. The flaw is rated critical (CVSS v3.1 score: 9.8) and stems...
Sneaky Ghostpulse malware loader hides inside PNG pixels • The Register
The Ghostpulse malware strain now retrieves its main payload via a PNG image file's pixels. This development, security experts say, is "one of the most significant changes" made by the crooks behind it since launching in 2023. The image file format is popularly...
China’s Spamouflage trolls US Sen. Marco Rubio • The Register
China's Spamouflage disinformation crew has been targeting US Senator Marco Rubio (R-Florida) with its fake news campaigns over the past couple of months, trolling the Republican lawmaker's official X account and posting negative stories about Rubio on Reddit...
Hackers exploit Roundcube webmail flaw to steal email, credentials
Threat actors have been exploiting a vulnerability in the Roundcube Webmail client to target government organizations in the Commonwealth of Independent States (CIS) region, the successor of the former Soviet Union. An attack was discovered by Russian...
Over 6,000 WordPress hacked to install plugins pushing infostealers
WordPress sites are being hacked to install malicious plugins that display fake software updates and errors to push information-stealing malware. Over the past couple of years, information-stealing malware has become a scourge to security defenders worldwide as...
HM Surf macOS vuln potentially exploited by Adloader malware • The Register
In revealing details about a vulnerability that threatens the privacy of Apple fans, Microsoft urges all macOS users to update their systems. The bug, tracked as CVE-2024-44133 (CVSS 5.5) and patched in September's macOS Sequoia updates, is believed to be...
Internet Archive attacked again, through Zendesk • The Register
Despite the Internet Archive's assurances it's back on its feet after a recent infosec incident, the org still appears to be in trouble after parties unknown claimed to hold access tokens to its Zendesk implementation and to have used them to send a mass email...
Severe flaws in E2EE cloud storage platforms used by millions
Several end-to-end encrypted (E2EE) cloud storage platforms are vulnerable to a set of security issues that could expose user data to malicious actors. Cryptographic analysis from ETH Zurich researchers Jonas Hofmann and Kien Tuong Turong revealed issue with...
Internet Archive breached again through stolen access tokens
The Internet Archive was breached again, this time on their Zendesk email support platform after repeated warnings that threat actors stole exposed GitLab authentication tokens. Since last night, BleepingComputer has received numerous messages from people who...
Researchers unveil LLM tool to find Python zero-days • The Register
Researchers with Seattle-based Protect AI plan to release a free, open source tool that can find zero-day vulnerabilities in Python codebases with the help of Anthropic's Claude AI model. The software, called Vulnhuntr, was announced at the No Hat security...