Tag: Code Injection
-
Malicious NuGet Campaign Tricking Developers To Inject Malicious Code
Hackers often target NuGet as it’s a popular package manager for .NET, which developers widely use to share and consume reusable code. …
-
60 New Malicious Packages Uncovered in NuGet Supply Chain Attack
Threat actors have been observed publishing a new wave of malicious packages to the NuGet package manager as part of an ongoing campaign …
-
QR code SQL injection and other vulnerabilities in a popular biometric terminal
The report analyzes the security properties of a popular biometric access control terminal made by ZkTeco and describes vulnerabilities …
-
MavenGate Attack Could Let Hackers Hijack Java and Android via Abandoned Libraries
Several public and popular libraries abandoned but still used in Java and Android applications have been found susceptible to a new …
-
TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks
Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning …
-
Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows
Cybersecurity researchers have disclosed a security flaw in the Opera web browser for Microsoft Windows and Apple macOS that could be …
-
Over 4,000 Internet-facing Sophos Firewalls Vulnerable to Code Injection Attacks
The Sophos Firewall Webadmin and User Portal HTTP interfaces are vulnerable to unauthenticated and remote code execution, as stated in an …
-
Malicious code in APKPure app
Malicious code was detected in version 3.17.18 of the APKPure alternative app store for Android. We recommend deleting the infected version …
-
Texas Gold-Dealer Mined for Payment Details in Months-Long Data Breach
A popular precious-metals dealer, JM Bullion, has been the victim of a payment-skimmer attack. The company took months to notify its users …
-
The cybercrime ecosystem: attacking blogs
It is very common to see cybercriminals exploit vulnerabilities in blogging software such as WordPress and Joomla! for injecting their …
-
Website, Know Thyself: What Code Are You Serving?
When we think of “securing our website” from attackers, we often think of securing against hooded figures somewhere in Eastern Europe …
-
No summer break for Magecart as web skimming intensifies
This summer, you are more likely to find the cybercriminal groups Magecart client-side rather than poolside. Web skimming, which consists …
●●●