Aggregator

anonmoose Has Allegedly Leaked the Data of BigSMM

​Hackers have used new GodLoader malware exploiting the capabilities of the widely used Godot game engine to evade detection and infect over 17,000 systems in just three months. [...]

ESET discovered the first Unified Extensible Firmware Interface (UEFI) bootkit specifically designed for Linux systems, named Bootkitty. Cybersecurity researchers from ESET discovered the first UEFI bootkit designed to target Linux systems, called by its authors Bootkitty. The bootkit allows attackers to disable the kernel’s signature verification feature and to preload two as yet unknown ELF […]

Threat actors are using public exploits for a critical authentication bypass flaw in ProjectSend to upload webshells and gain remote access to servers. [...]

CornDB is Allegedly Selling Credit Card Data of Hyp Payment Solutions

A vulnerability was found in ARM Trusted Firmware-M 1.4.0/1.4.1 and classified as critical. Affected by this issue is some unknown functionality of the component Firmware Update Handler. The manipulation leads to stack-based buffer overflow. This vulnerability is handled as CVE-2021-43619. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability classified as problematic was found in Trusted Firmware-A up to 2.8. Affected by this vulnerability is an unknown functionality of the component X.509 Parser. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2022-47630. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability classified as critical has been found in Trusted Firmware-M up to 1.8.0. This affects an unknown part of the component CryptoCell PSA Driver software Interface. The manipulation leads to improper authentication. This vulnerability is uniquely identified as CVE-2023-40271. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A Threat Actor Claims to be Selling Data of Madame GS

A Threat Actor Claims to be Selling Thailand Investment Company Leads

A Threat Actor has Allegedly Leaked the Data of Alihankinta

A Threat Actor is Allegedly Selling the Data of ZuZu[.]ch

Zello is warning customers to reset their passwords if their account was created before November 2nd in what appears to be another security breach. [...]