Adobe warns of ColdFusion file-reading vulnerability
Adobe released a critical security update for ColdFusion to address a vulnerability that allows attackers to read arbitrary files. All about the vulnerability - ColdFusion This vulnerability allows attackers to [...]
Araneida Scanner – Hackers Exploit Cracked Acunetix Scanner
Threat analysts report the “Araneida Scanner,” based on a cracked Acunetix version, is used for illegal activities like data scraping and exploiting vulnerabilities. Sold on Telegram, it’s actively used by [...]
Node.js systeminformation Package Enables RCE Attacks
A critical command injection vulnerability in the systeminformation npm package, CVE-2024-56334, exposes millions of systems to RCE and privilege escalation attacks. The flaw affects versions ≤5.23.6 and lies in the [...]
Malicious Amazon Appstore apps record screens and intercept OTPs
The “BMI CalculationVsn” app on the Amazon App Store secretly collects sensitive data, like app package names and SMS messages, posing a privacy risk. Its true intent appears to be [...]
Skuld Malware Exploits Windows Utilities Packages
Researchers uncovered a malware campaign in the npm ecosystem, where “k303903” used fake packages to spread the Skuld info stealer, compromising hundreds of machines before removal. Skuld Malware Analysis shows [...]
Get Social