Aggregator

Hackers deploy DripDropper via Apache ActiveMQ flaw, patch systems to evade detection

Security Affairs
1 week ago
Hackers exploit Apache ActiveMQ flaw to install DripDropper on Linux, then patch it to block rivals and hide their tracks. Red Canary researchers observed attackers exploit a 2-year-old Apache ActiveMQ vulnerability, tracked as CVE-2023-46604 (CVSS score of 10.0), to gain persistence on cloud Linux systems and deploy DripDropper malware. Uniquely, they patch the flaw post-exploit […]
Pierluigi Paganini

Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages

The Hackers News
1 week ago
Threat actors have been observed leveraging the deceptive social engineering tactic known as ClickFix to deploy a versatile backdoor codenamed CORNFLAKE.V3. Google-owned Mandiant described the activity, which it tracks as UNC5518, as part of an access-as-a-service scheme that employs fake CAPTCHA pages as lures to trick users into providing initial access to their systems, which is then
The Hacker News

Threat Actors Abuse Internet Archive to Host Stealthy JScript Loader

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
1 week ago

An Malicious actors are using reliable internet resources, such as the Internet Archive, more frequently to disseminate clandestine malware components in a worrying increase in cyberthreats. This tactic exploits the inherent trustworthiness of such platforms, allowing attackers to bypass traditional security filters and deliver payloads under the guise of legitimate content. The latest incident highlights […]

The post Threat Actors Abuse Internet Archive to Host Stealthy JScript Loader appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

CVE-2023-38533 | Siemens TIA Administrator up to 3 SP1 on Windows temp file (ssa-319319 / 3 SP2)

Vuldb Updates
1 week ago
A vulnerability identified as problematic has been detected in Siemens TIA Administrator up to 3 SP1 on Windows. This affects an unknown function. This manipulation causes creation of temporary file in directory with insecure permissions. This vulnerability appears as CVE-2023-38533. The attack requires local access. There is no available exploit. It is suggested to install a patch to address this issue.
vuldb.com

CVE-2025-9088 | Tenda AC20 16.03.08.12 formSetVirtualSer save_virtualser_data list stack-based overflow

Vuldb Updates
1 week ago
A vulnerability was found in Tenda AC20 16.03.08.12. It has been rated as critical. This affects the function save_virtualser_data of the file /goform/formSetVirtualSer. Performing manipulation of the argument list results in stack-based buffer overflow. This vulnerability is known as CVE-2025-9088. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com

CVE-2025-55587 | TOTOLINK A3002R 4.0.0-B20230531.1404 /boafrm/formMapDelDevice Hostname buffer overflow

Vuldb Updates
1 week ago
A vulnerability has been found in TOTOLINK A3002R 4.0.0-B20230531.1404 and classified as critical. The affected element is an unknown function of the file /boafrm/formMapDelDevice. This manipulation of the argument Hostname causes buffer overflow. This vulnerability is handled as CVE-2025-55587. The attack can be initiated remotely. There is not any exploit available.
vuldb.com

CVE-2025-55589 | TOTOLINK A3002R 4.0.0-B20230531.1404 /boafrm/formMapDelDevice clientoff os command injection

Vuldb Updates
1 week ago
A vulnerability was found in TOTOLINK A3002R 4.0.0-B20230531.1404. It has been rated as critical. Affected is an unknown function of the file /boafrm/formMapDelDevice. The manipulation of the argument clientoff leads to os command injection. This vulnerability is referenced as CVE-2025-55589. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com

CVE-2025-55591 | TOTOLINK A3002R 4.0.0-B20230531.1404 formMapDel devicemac command injection

Vuldb Updates
1 week ago
A vulnerability described as critical has been identified in TOTOLINK A3002R 4.0.0-B20230531.1404. This issue affects some unknown processing of the file formMapDel. Executing manipulation of the argument devicemac can lead to command injection. This vulnerability is registered as CVE-2025-55591. It is possible to launch the attack remotely. Furthermore, an exploit is available.
vuldb.com

CVE-2025-9087 | Tenda AC20 16.03.08.12 SetNetControlList Endpoint set_qosMib_list stack-based overflow (EUVD-2025-25102)

Vuldb Updates
1 week ago
A vulnerability was found in Tenda AC20 16.03.08.12. It has been declared as critical. Affected by this issue is the function set_qosMib_list of the file /goform/SetNetControlList of the component SetNetControlList Endpoint. Such manipulation of the argument list leads to stack-based buffer overflow. This vulnerability is traded as CVE-2025-9087. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-9089 | Tenda AC20 16.03.08.12 /goform/SetIpMacBind sub_48E628 list stack-based overflow (EUVD-2025-25103)

Vuldb Updates
1 week ago
A vulnerability categorized as critical has been discovered in Tenda AC20 16.03.08.12. This vulnerability affects the function sub_48E628 of the file /goform/SetIpMacBind. Executing manipulation of the argument list can lead to stack-based buffer overflow. This vulnerability is handled as CVE-2025-9089. The attack can be executed remotely. Additionally, an exploit exists.
vuldb.com

CVE-2025-9090 | Tenda AC20 16.03.08.12 Telnet Service /goform/telnet websFormDefine command injection (EDB-52418)

Vuldb Updates
1 week ago
A vulnerability identified as critical has been detected in Tenda AC20 16.03.08.12. This issue affects the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. This vulnerability is uniquely identified as CVE-2025-9090. The attack is possible to be carried out remotely. Moreover, an exploit is present.
vuldb.com

Managed ad