Tag JavaScript

Active HanGhost Loader Campaign Targets Payment and Logistics Workflows in Enterprises

Emerging HanGhost Loader Malware Targets Corporate Finance and Operations A new malware campaign centered around the HanGhost loader is making waves, specifically targeting corporate environments. This malicious initiative primarily aims at employees involved in payment processing, logistics, and contract management. With a stealthy approach designed to evade detection, HanGhost seeks…

Read MoreActive HanGhost Loader Campaign Targets Payment and Logistics Workflows in Enterprises

New ‘Trojan Source’ Technique Allows Hackers to Conceal Vulnerabilities in Source Code

November 1, 2021

A groundbreaking class of vulnerabilities has emerged, enabling threat actors to inject misleading malware that technically adheres to coding logic while distorting its intended functionality. Known as “Trojan Source attacks,” this method exploits nuances in text-encoding standards like Unicode, allowing the arrangement of source code tokens to differ from their displayed order. This results in vulnerabilities that evade detection by human reviewers, according to researchers Nicholas Boucher and Ross Anderson from Cambridge University, who outlined the findings in a recent paper. These vulnerabilities, identified as CVE-2021-42574 and CVE-2021-42694, impact compilers across numerous widely-used programming languages, including C, C++, C#, JavaScript, Java, Rust, Go, and Python. Compilers are essential tools that convert high-level human-readable code into executable machine code.

New ‘Trojan Source’ Technique Enables Hackers to Conceal Vulnerabilities in Code On November 1, 2021, researchers at Cambridge University unveiled a concerning development in cybersecurity: a technique known as “Trojan Source attacks.” This novel class of vulnerabilities allows threat actors to incorporate visually misleading malware within source code, maintaining logical…

Read More

New ‘Trojan Source’ Technique Allows Hackers to Conceal Vulnerabilities in Source Code

November 1, 2021

A groundbreaking class of vulnerabilities has emerged, enabling threat actors to inject misleading malware that technically adheres to coding logic while distorting its intended functionality. Known as “Trojan Source attacks,” this method exploits nuances in text-encoding standards like Unicode, allowing the arrangement of source code tokens to differ from their displayed order. This results in vulnerabilities that evade detection by human reviewers, according to researchers Nicholas Boucher and Ross Anderson from Cambridge University, who outlined the findings in a recent paper. These vulnerabilities, identified as CVE-2021-42574 and CVE-2021-42694, impact compilers across numerous widely-used programming languages, including C, C++, C#, JavaScript, Java, Rust, Go, and Python. Compilers are essential tools that convert high-level human-readable code into executable machine code.

Critical n8n Vulnerability CVE-2026-25049 Allows Remote Command Execution Through Malicious Workflows

Critical Security Vulnerability Discovered in n8n Workflow Automation Platform A significant security vulnerability has been identified in the n8n workflow automation platform, posing a serious risk of arbitrary command execution on affected systems. Tracked as CVE-2026-25049 and rated with a CVSS score of 9.4, this flaw results from insufficient validation…

Read MoreCritical n8n Vulnerability CVE-2026-25049 Allows Remote Command Execution Through Malicious Workflows

Researchers Uncover Significant RCE Vulnerability in Quarkus Java Framework

A serious security vulnerability has been identified in the Quarkus Java framework, exposing systems to the potential risk of remote code execution. This flaw has been assigned CVE-2022-4116 and carries a CVSS score of 9.8, indicating a high severity level. Importantly, this vulnerability can be exploited by malicious actors without…

Read MoreResearchers Uncover Significant RCE Vulnerability in Quarkus Java Framework

North Korean Cyber Criminals Set Sights on Cryptocurrencies and POS Systems

In a new wave of cybercrime, the Lazarus Group, a North Korean state-sponsored hacking organization, has ramped up its activities, focusing on the cryptocurrency sector. Recent reports by security firm Proofpoint indicate a large-scale malware campaign targeting digital currency users, further illustrating the group’s extensive involvement in financially motivated cyberattacks.…

Read MoreNorth Korean Cyber Criminals Set Sights on Cryptocurrencies and POS Systems

New Vulnerability in Popular WordPress Plugin Affects Over One Million Sites and is Being Actively Exploited

A notable security vulnerability has emerged within the widely used WordPress plugin, Essential Addons for Elementor. This vulnerability, recognized as CVE-2023-32243, allows potential attackers to escalate privileges on compromised sites, posing significant risks to website security. The plugin’s maintainers addressed this issue in version 5.7.2, released on May 11, 2023.…

Read MoreNew Vulnerability in Popular WordPress Plugin Affects Over One Million Sites and is Being Actively Exploited

Critical Vulnerability Found in Signal Messaging App for Windows and Linux

Recent analysis has uncovered a critical vulnerability within the Signal messaging application for Windows and Linux systems. This flaw poses a significant threat, as it could potentially enable remote attackers to execute arbitrary code on the target’s device merely through message transmission—eliminating the need for any user interaction to instigate…

Read MoreCritical Vulnerability Found in Signal Messaging App for Windows and Linux

GhostDNS: Botnet Hijacks Over 100,000 Routers with New DNS Changer

Major Malware Campaign Targets Home Routers, Compromising User Security Chinese cybersecurity researchers have revealed a significant ongoing malware campaign, known as GhostDNS, which has compromised over 100,000 home routers. The attack modifies the Domain Name System (DNS) settings of these devices, routing users to malicious websites designed to steal login…

Read MoreGhostDNS: Botnet Hijacks Over 100,000 Routers with New DNS Changer