Exploit Archives – Page 2 of 10

Microsoft Disables MSIX App Installer Protocol

Attackers have found a way to exploit a previously patched vulnerability.

Microsoft reportedly disabled MSIX installer protocol in Windows, due to its exploitation in real-world cyberattacks. Hackers found a way to misuse the protocol to install malicious software, bypassing anti-malware software detection. MSIX Installer Protocol Exploited The emergence of a malware kit market, exploiting the MSIX file format and ms-app installer protocol is nothing new. However,… Continue reading Microsoft Disables MSIX App Installer Protocol

WordPress Critical Vulnerability Fixed in Patch 6.4.2

WordPress 6.4.2 fixes a vulnerability allowing attackers to execute PHP code on target websites.

WordPress has rolled out version 6.4.2, addressing a critical remote code execution (RCE) vulnerability. Discovered by the project’s security team, the vulnerability could potentially be exploited by threat actors to execute arbitrary PHP code on vulnerable websites. WordPress, a widely used open-source content management system, currently powers over 800 million sites, constituting approximately 45% of… Continue reading WordPress Critical Vulnerability Fixed in Patch 6.4.2

BLUFFS Bluetooth Vulnerability Threatens Billions of Devices

Bluetooth Forward and Future Secrecy (BLUFFS) vulnerabilities can leave devices vulnerable to man-in-the-middle attacks

Eurecom has uncovered a series of exploits named “BLUFFS”, posing a significant threat to the security of Bluetooth sessions. These attacks exploit two previously unknown flaws in the Bluetooth standard, impacting versions 4.2 through 5.4 and potentially putting billions of devices, including smartphones and laptops, at risk. BLUFFS Exploits – How Do They Work? BLUFFS… Continue reading BLUFFS Bluetooth Vulnerability Threatens Billions of Devices

Zimbra Vulnerability Exploited in the Wild

Zimbra has patched a vulnerability exploited by several threat actors.

Google TAG’s recent discovery reveals a 0-day exploit, CVE-2023-37580, targeting Zimbra Collaboration. This is a Cross-Site Scripting (XSS) vulnerability exploited in four campaigns. Zero-day discovery was patched A severe vulnerability has been discovered in the Zimbra email software. Four hacker groups exploited vulnerabilities to steal email data, user credentials, and tokens. According to the Google… Continue reading Zimbra Vulnerability Exploited in the Wild

VMWare Cloud Director Vulnerability Circumvents Authentication

VMware reported an unpatched vulnerability affecting Cloud Director appliance deployments.

VMware, a key player in virtualization services, is reaching out to users about a critical security issue in its Cloud Director. Tracked under CVE-2023-34060, this vulnerability, with a CVSS score of 9.8, specifically affects instances that have undergone an upgrade to version 10.5 from previous versions. VMWave Cloud Director Vulnerability Allows for Unauthorized Access Discovered… Continue reading VMWare Cloud Director Vulnerability Circumvents Authentication

New F5 BIG-IP Vulnerabilities Exploited In The Wild

F5 discloses two vulnerabilities in BIG-IP; CISA claims they're already exploited in the wild

Two new vulnerabilities in F5 BIG-IP reportedly allow for remote code execution and SQL injection. The company explains it as a bad input validation. The worst part though is that both vulnerabilities were probably exploited in real-world attacks. F5 BIG-IP Vulnerabilities Allows SQL Injection and Remote Code Execution On October 26, 2023, F5 published two… Continue reading New F5 BIG-IP Vulnerabilities Exploited In The Wild

New Confluence Vulnerability Leads to Unauthorised Access

A new CVE-2023-22518 vulnerability allows hackers to perform access data on the server without any authorization

Another vulnerability in the flagship product of Atlassian corporation, Confluence, allows hackers to access the servers and dump the data. As the company claims, the issue sits in the improper authorization within the Data Center and Server apps. The company already offers the patches for this breach. Confluence Data Center and Server Vulnerability Leads to… Continue reading New Confluence Vulnerability Leads to Unauthorised Access

Can Zero-Day Attacks Be Prevented With Patches?

Patches to 0-day breaches are offered as a magic pill. But are they?

In recent years, zero-day exploits and attacks have become prominent emerging threats. These attacks take advantage of unknown vulnerabilities within software, which makes them almost impossible to detect and prevent. Zero-day attacks can have dire consequences, allowing attackers to take control of systems, steal data, or install malware. What is a Zero-Day attack? A zero-day… Continue reading Can Zero-Day Attacks Be Prevented With Patches?

GameOver(lay) Vulnerabilities Endanger 40% of Ubuntu Users

The vulnerability allowed some root privileges to be used when executing a file.

Cloud security researchers have discovered two easily exploitable privilege escalation vulnerabilities called GameOver(lay) in the Ubuntu OverlayFS module. These vulnerabilities could affect 40% of Ubuntu users. What is OverlayFS? OverlayFS in Linux is a unified file system used in Docker containers. Its function – modify files without changing the base filesystem. OverlayFS allows one directory… Continue reading GameOver(lay) Vulnerabilities Endanger 40% of Ubuntu Users

Vulnerability in WordPress Plugin WooCommerce Payments Is Actively Used to Hack Sites

Hackers use a vulnerability in the widely used WooCommerce Payments WordPress plugin to gain privileges of any user, including administrator, on vulnerable sites. WooCommerce Payments is a popular WordPress plugin that allows websites to accept credit cards as a payment method in WooCommerce stores. According to official statistics, the plugin has over 600,000 active installations.… Continue reading Vulnerability in WordPress Plugin WooCommerce Payments Is Actively Used to Hack Sites