Someone copied our GitHub project, added stars, and injected malicious code
https://old.reddit.com/r/golang/comments/1jbzuot/someone_copied_our_github_project_made_it_look/
#HackerNews #GitHub #Security #CodeInjection #MaliciousCode #OpenSource #Community
Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP. NET machine keys found online. #codeinjection #CyberAlerts https://www.bleepingcomputer.com/news/security/microsoft-says-attackers-use-exposed-aspnet-keys-to-deploy-malware/
A recent cybersecurity study revealed a sophisticated malware campaign targeting NuGet, a package manager for .NET applications. Attackers used homoglyphs, characters that look similar but have different codes (for example, the number '0' and the letter 'O', or the lowercase 'l' and the uppercase 'I'), to create fake packages that seemed legitimate but contained malicious code. They also employed IL weaving, a method that alters .NET binaries to insert harmful modules disguised as legitimate ones. This campaign involved around 60 packages and 290 versions, highlighting the need for increased vigilance in software supply chains.
https://thecyberexpress.com/homoglyphs-il-weaving-malicious-nuget-campaign/
#cybersecurity #NuGet #malware #homoglyphs #ILWeawing #malwarecampaign #DotNet #CodeInjection #SecurityResearch
💉 #commandinjection is a type of #cyberattack that involves injecting malicious commands into a system through vulnerable input fields.
🔒🛡️ Protecting against it is crucial to prevent unauthorized access, #databreaches, and potential system compromise.
To learn more: https://bit.ly/45VGBah
#commandinjectionattack #codeinjection #injectionattacks #owasp #applicationsecurity #vulnerabilities #waap #waf #apptrana #indusface
"🔓 #HCLDomino Vulnerability Alert: CVE-2023-37518 - A Critical Code Injection Risk! 🎯"
🚨 Attention InfoSec community! HCL Domino's BigFix ServiceNow module has a critical vulnerability - CVE-2023-37518. This flaw allows arbitrary code injection by an authorized attacker, posing a substantial risk to system integrity and data confidentiality. 🛡️💻
The vulnerability has a medium severity rating (CVSS v3: 6.4). Attack vector involves network access, with low complexity and low privilege requirements, making it a concerning security loophole. No user interaction is needed, amplifying the risk. 🌐🔐
Stay vigilant and ensure systems are updated to mitigate this threat. For detailed insights, check Tenable and OpenCVE.
Tags: #CyberSecurity #Vulnerability #CodeInjection #CVE202337518 #BigFix #ServiceNow #InfoSec #PatchManagement 🛠️🔒
"🚨 Vulnerability in Postman up until 10.22 for macOS - CVE-2024-23738 🚨"
A severe code injection vulnerability, CVE-2024-23738, affects Postman versions up to 10.22 on macOS, posing a significant threat. This flaw allows remote attackers to execute arbitrary code through specific settings (RunAsNode and enableNodeClilnspectArguments). Rated at a high CVSS v3 score of 9.8, it requires immediate attention. Postman is an API platform for building and using APIs. No current exploits or known active exploitation. Stay vigilant! 🛡️💻
Source: PRIOn and V3x0r's Github
Tags: #CVE202423738 #CyberSecurity #CodeInjection #Postman #macOS #Vulnerability #InfoSec #PatchManagement 🚀🔐
The malware strategically injects a specialized script tag into the victim’s browser, leading to an external script, enhancing the attack’s stealth by avoiding detection as simple loader scripts often are.
#Cybersecurity #Trojan #CodeInjection #IBM #JavaScript #Banking
The tagDiv plugin and the Newspaper theme are popular among WordPress users for their rich features and user-friendly design.
#WordPress #Cybersecurity #CodeInjection #Vulnerabilities #tagDiv #Plugins
https://cybersec84.wordpress.com/2023/10/10/new-balada-injector-attack-targets-wordpress-admins/
"Exploiting SharePoint: A Deep Dive into Pre-Auth RCE Chain 🛡️"
In a recent article by Nguyễn Tiến Giang (Jang) on STAR Labs, a meticulous exploration of a SharePoint exploit chain was discussed, which was demonstrated at P2O Vancouver 2023. The exploit chain, dubbed SharePoint Pre-Auth RCE chain, leverages two vulnerabilities: Authentication Bypass and Code Injection, to achieve pre-auth remote code execution (RCE) on a SharePoint server.
The Authentication Bypass allows an unauthenticated attacker to impersonate any SharePoint user by exploiting the JSON Web Tokens (JWTs) validation process. The Code Injection vulnerability, on the other hand, enables a SharePoint user with specific permissions to inject arbitrary code, leading to RCE.
The article provides a deep technical dive into the exploit chain, explaining the process of discovering and crafting the exploit. It's a fascinating read for anyone interested in cybersecurity, especially in understanding the intricacies of exploiting complex systems like SharePoint.
The vulnerabilities are identified as CVE-2023-29357 and CVE-2023-24955, and the article provides a detailed walkthrough of how these vulnerabilities were chained together to achieve RCE on SharePoint 2019 (version 16.0.10396.20000) with March 2023 patch (KB5002358 and KB5002357).
Source: STAR Labs
Tags: #SharePoint #CyberSecurity #ExploitChain #RCE #CVE202329357 #CVE202324955 #AuthenticationBypass #CodeInjection #P2OVancouver2023 🛡️💻🔓
"🚨 SAP's September Patches: From Code Injection to Memory Corruption 🚨"
SAP drops its September security patches, addressing 13 vulnerabilities ranging from Information Disclosure to Code Injection. With severity scores between 2.7 (Low) to 10.0 (Critical), these flaws impact various SAP products. Stay updated and patch up! 🛡️💼
Source: Cyber Security News
Tags: #SAP #SecurityPatches #CodeInjection #MemoryCorruption #CyberSecurity
📬 Twitter sammelt Nutzerdaten von über 70.000 Webseiten
#Datenschutz #Internet #Amazon #Audi #CodeInjection #ElonMusk #RestrictedDataUsage #Spotify #TwitterPixel #Volkswagen https://tarnkappe.info/artikel/datenschutz/twitter-sammelt-nutzerdaten-von-ueber-70-000-webseiten-260669.html
Interesting "Stealing passwords from infosec Mastodon - without bypassing CSP" by @gaz.
https://portswigger.net/research/stealing-passwords-from-infosec-mastodon-without-bypassing-csp
It says at the end that the vulnerability was only exploitable in the #Glitch fork (used by that instance), not #Mastodon itself.
Still, despite the slightly misleading title, that's some good research, and an interesting well-written article. 😄
Hey #infosec/#appsec peeps...
Ever wanted to work on #videogames? :) Cheat devs are using #hypervisor mods to do hard-to-detect #codeinjection and in-memory modification.
#Bungie needs a low-level security engineer to help develop strategies that can be implemented in game clients running on compromised hardware to detect, mitigate, and run psyops on cheaters and cheat devs.
If you like adversarial work, it's pretty awesome. Come talk to me :)
WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug - The shopping cart application contains a PHP object-injection bug. https://threatpost.com/wordpress_open_to_attacks_welcart_bug/161037/ #informationdisclosure #securityvulnerability #phpobjectinjection #vulnerabilities #denialofservice #codeinjection #websecurity #e-commerce #wordfence #wordpress #welcart #plugin #patch #bug
Texas Gold-Dealer Mined for Payment Details in Months-Long Data Breach - JM Bullion fell victim to a payment-card skimmer, which was in place for five months. https://threatpost.com/texas-gold-dealer-payment-data-breach/160846/ #paymentcardskimmer #vulnerablewebsite #databreachnotice #vulnerabilities #preciousmetals #codeinjection #websecurity #emailnotice #databreach #golddealer #jmbullion #magecart #breach #reddit #hacks
Citrix Bugs Allow Unauthenticated Code Injection, Data Theft - Admins should patch their Citrix ADC and Gateway installs immediately. more: https://threatpost.com/citrix-bugs-allow-unauthenticated-code-injection-data-theft/157214/ #informationdisclosure #criticaladvisory #securityadvisory #vulnerabilities #denialofservice #codeinjection #cve-2020-8187 #cve-2020-8190 #cve-2020-8191 #cve-2020-8193 #cve-2020-8194 #cve-2020-8195 #cve-2020-8196 #cve-2020-8197 #cve-2020-8198 #cve-2020-8199 #adc
WordPress, Apache Struts Attract the Most Bug Exploits - An analysis found these web frameworks to be the most-targeted by cybercriminals in 2019. more: https://threatpost.com/wordpress-apache-struts-most-bug-exploits/153927/?utm_source=rss&utm_medium=rss&utm_campaign=wordpress-apache-struts-most-bug-exploits #securityvulnerabilities #weaponizationrate #vulnerabilities #inputvalidation #spotlightreport #codeinjection #cybersecurity #mostexploited #apachestruts #securitybugs #websecurity
