WatchGuard Firebox: Critical vulnerabilities allow code injection and bypassing of protective measures
#watchguard #CodeInjection #FirewallAppliances #firewall #XPathInjection #CVE
Operation DupeHike: Targeting Russian employees with DUPERUNNER and AdaptixC2
A campaign targeting Russian corporate entities, particularly HR, payroll, and administrative departments, has been uncovered. The attack uses realistic decoy documents themed around employee bonuses and financial policies. The malware ecosystem involves a malicious LNK file leading to an implant dubbed DUPERUNNER, which then loads the AdaptixC2 Beacon to connect to the threat actor's infrastructure. The infection chain begins with a spear-phishing ZIP archive containing PDF-themed LNK files. The DUPERUNNER implant, programmed in C++, performs various functions including downloading and opening decoy PDFs, process enumeration, and shellcode injection. The final stage involves the AdaptixC2 Beacon, which communicates with the command-and-control server. The campaign, tracked as UNG0902, uses multiple malicious infrastructures and is believed to be targeting employees of various organizations.
Pulse ID: 69304959476d2ade5f1c7ff2
Pulse Link: https://otx.alienvault.com/pulse/69304959476d2ade5f1c7ff2
Pulse Author: AlienVault
Created: 2025-12-03 14:29:45
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CodeInjection #CyberSecurity #InfoSec #LNK #Malware #OTX #OpenThreatExchange #PDF #Phishing #RAT #Russia #ShellCode #SpearPhishing #ZIP #bot #AlienVault
How can a Content Injection exploit destroy the community of a cult RTS game?
StarCraft: Brood War and its successor StarCraft 2 are icons of the RTS (real-time strategy) genre and among the most important computer games in history, which have enjoyed an active community and a professional e-sports scene for decades. However, StarCraft 2 currently faces serious problems that threaten its further development and the functioning of the game....
🚨 ALERT 🚨: Someone figured out that your precious #Dependabot can be manipulated like a sneaky teenager with an unlimited credit card! 🤦♂️ Congratulations, now bots can help hackers throw a party in your codebase complete with command injection fireworks. 🎉 Keep pretending your #AppSec is secure, it'll be fun!
https://boostsecurity.io/blog/weaponizing-dependabot-pwn-request-at-its-finest #Vulnerability #CodeInjection #SecurityAlerts #HackerNews #HackerNews #ngated
Developers and gamers, listen up! Hackers are now using trusted tools and platforms to sneak in malicious code and clever scams. How are your projects staying secure in this evolving threat landscape?
#cybersecurity
#infosectrends
#codeinjection
#socialengineering
#gamerssecurity
Someone copied our GitHub project, added stars, and injected malicious code
https://old.reddit.com/r/golang/comments/1jbzuot/someone_copied_our_github_project_made_it_look/
#HackerNews #GitHub #Security #CodeInjection #MaliciousCode #OpenSource #Community
Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP.NET machine keys found online. #codeinjection #CyberAlerts https://www.bleepingcomputer.com/news/security/microsoft-says-attackers-use-exposed-aspnet-keys-to-deploy-malware/
A recent cybersecurity study revealed a sophisticated malware campaign targeting NuGet, a package manager for .NET applications. Attackers used homoglyphs, characters that look similar but have different codes (for example, the number '0' and the letter 'O', or the lowercase 'l' and the uppercase 'I'), to create fake packages that seemed legitimate but contained malicious code. They also employed IL weaving, a method that alters .NET binaries to insert harmful modules disguised as legitimate ones. This campaign involved around 60 packages and 290 versions, highlighting the need for increased vigilance in software supply chains.
https://thecyberexpress.com/homoglyphs-il-weaving-malicious-nuget-campaign/
#cybersecurity #NuGet #malware #homoglyphs #ILWeawing #malwarecampaign #DotNet #CodeInjection #SecurityResearch
💉 #commandinjection is a type of #cyberattack that involves injecting malicious commands into a system through vulnerable input fields.
🔒🛡️ Protecting against it is crucial to prevent unauthorized access, #databreaches, and potential system compromise.
To learn more: https://bit.ly/45VGBah
#commandinjectionattack #codeinjection #injectionattacks #owasp #applicationsecurity #vulnerabilities #waap #waf #apptrana #indusface
"🔓 #HCLDomino Vulnerability Alert: CVE-2023-37518 - A Critical Code Injection Risk! 🎯"
🚨 Attention InfoSec community! HCL Domino's BigFix ServiceNow module has a critical vulnerability - CVE-2023-37518. This flaw allows arbitrary code injection by an authorized attacker, posing a substantial risk to system integrity and data confidentiality. 🛡️💻
The vulnerability has a medium severity rating (CVSS v3: 6.4). Attack vector involves network access, with low complexity and low privilege requirements, making it a concerning security loophole. No user interaction is needed, amplifying the risk. 🌐🔐
Stay vigilant and ensure systems are updated to mitigate this threat. For detailed insights, check Tenable and OpenCVE.
Tags: #CyberSecurity #Vulnerability #CodeInjection #CVE202337518 #BigFix #ServiceNow #InfoSec #PatchManagement 🛠️🔒
"🚨 Vulnerability in Postman up until 10.22 for macOS - CVE-2024-23738 🚨"
A severe code injection vulnerability, CVE-2024-23738, affects Postman versions up to 10.22 on macOS, posing a significant threat. This flaw allows remote attackers to execute arbitrary code through specific settings (RunAsNode and enableNodeCliInspectArguments). Rated at a high CVSS v3 score of 9.8, it requires immediate attention. Postman is an API platform for building and using APIs. No current exploits or known active exploitation. Stay vigilant! 🛡️💻
Source: PRIOn and V3x0r's Github
Tags: #CVE202423738 #CyberSecurity #CodeInjection #Postman #macOS #Vulnerability #InfoSec #PatchManagement 🚀🔐
The malware strategically injects a specialized script tag into the victim’s browser, leading to an external script, enhancing the attack’s stealth by avoiding detection as simple loader scripts often are.
#Cybersecurity #Trojan #CodeInjection #IBM #JavaScript #Banking
The tagDiv plugin and the Newspaper theme are popular among WordPress users for their rich features and user-friendly design.
#WordPress #Cybersecurity #CodeInjection #Vulnerabilities #tagDiv #Plugins
https://cybersec84.wordpress.com/2023/10/10/new-balada-injector-attack-targets-wordpress-admins/
📬 Twitter collects user data from over 70,000 websites
#Datenschutz #Internet #Amazon #Audi #CodeInjection #ElonMusk #RestrictedDataUsage #Spotify #TwitterPixel #Volkswagen https://tarnkappe.info/artikel/datenschutz/twitter-sammelt-nutzerdaten-von-ueber-70-000-webseiten-260669.html
Interesting "Stealing passwords from infosec Mastodon - without bypassing CSP" by @gaz.
https://portswigger.net/research/stealing-passwords-from-infosec-mastodon-without-bypassing-csp
It says at the end that the vulnerability was only exploitable in the #Glitch fork (used by that instance), not #Mastodon itself.
Still, despite the slightly misleading title, that's some good research, and an interesting well-written article. 😄
Hey #infosec/#appsec peeps...
Ever wanted to work on #videogames? :) Cheat devs are using #hypervisor mods to do hard-to-detect #codeinjection and in-memory modification.
#Bungie needs a low-level security engineer to help develop strategies that can be implemented in game clients running on compromised hardware to detect, mitigate, and run psyops on cheaters and cheat devs.
If you like adversarial work, it's pretty awesome. Come talk to me :)
WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug - The shopping cart application contains a PHP object-injection bug. https://threatpost.com/wordpress_open_to_attacks_welcart_bug/161037/ #informationdisclosure #securityvulnerability #phpobjectinjection #vulnerabilities #denialofservice #codeinjection #websecurity #e-commerce #wordfence #wordpress #welcart #plugin #patch #bug