Discord Admins Hacked by Malicious Bookmarks – Krebs on Security
A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into...
Harvard Pilgrim Health Care Ransomware Attack Hits 2.5 Million People
Last week, the organization published a notice informing that ransomware actors maintained access to its systems between March 28 and...
New MOVEit Transfer Zero-Day Mass-Exploited in Data Theft Attacks
"Progress has discovered a vulnerability in MOVEit Transfer that could lead to escalated privileges and potential unauthorized access to the...
QBot Abuses Windows WordPad for Infection
QBot operators are exploiting a DLL hijacking flaw in the Windows 10 WordPad executable known as write.exe to avoid detection....
CVE-2023-33509
KramerAV VIA GO² < 4.0.1.1326 is vulnerable to SQL Injection.
CVE-2023-33544
hawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input malicious zip files, which can result in the...
CVE-2023-33546
janino 3.1.9 and earlier are subject to denial of service (DOS) attacks when using the expression evaluator.guess parameter name method....
CVE-2023-33551
Heap Buffer Overflow in the erofsfsck_dirent_iter function in fsck/main.c in erofs-utils v1.6 allows remote attackers to execute arbitrary code via...
CVE-2023-33552
Heap Buffer Overflow in the erofs_read_one_data function at data.c in erofs-utils v1.6 allows remote attackers to execute arbitrary code via...
CVE-2023-33627 (magic_r300-2100m_firmware)
H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the UpdateSnat interface at /goform/aspForm.