Latest WinRAR, Drupal flaws under active exploitation

26 February 2019

CVE-2018-20250, a WinRAR vulnerability that allows attackers to extract a malicious executable to one of the Windows Startup folder to be executed every time the system is booted, and CVE-2019-6340, the remote execution flaw affecting the popular Drupal CMS, have been spotted being exploited by attackers. PoC attack code for both has been released shortly after their public disclosure and didn’t take long for attackers to adjust and use them.

Read full news article on Help Net Security

Date:

26 February 2019

Categorie(s):

NEWS

Tag(s):

Attacks, Content-management Framework, Drupal, Flaws, Open Source, Open Source Software, Web Development, Web Frameworks

Why cloud vulnerabilities need CVEs1 May 2024
Making cybersecurity more appealing to women, closing the skills gap1 May 2024
Cybersecurity jobs available right now: May 1, 20241 May 2024
How to Utilize Azure Logs to Identify Threats: Insights From Microsoft1 May 2024
Building a strong cloud security posture1 May 2024