Aggregator
CVE-2024-43312 | WPClever WPC Frequently Bought Together for WooCommerce Plugin authorization
CVE-2024-43296 | bPlugins Flash & HTML5 Video Plugin up to 2.5.30 on WordPress authorization
CVE-2024-43314 | Gabe Livan Asset CleanUp Plugin up to 1.3.9.3 on WordPress authorization
CVE-2024-43332 | Jordy Meow Photo Engine Plugin up to 6.4.0 on WordPress authorization
CVE-2024-43343 | Etoile Web Design Order Tracking Plugin up to 3.3.12 on WordPress authorization
CVE-2024-43293 | WPZOOM Recipe Card Blocks for Gutenberg & Elementor Plugin authorization
CVE-2024-43298 | Migrate Clone Plugin up to 2.4.5 on WordPress authorization
CVE-2024-43297 | Migrate Clone Plugin up to 2.4.5 on WordPress authorization
CVE-2024-43341 | CozyThemes Hello Agency Plugin up to 1.0.5 on WordPress authorization
CVE-2024-43323 | ReviewX Plugin up to 1.6.28 on WordPress authorization
CVE-2024-43355 | BearDev JoomSport Plugin up to 5.3.0 on WordPress authorization
CVE-2024-43302 | Fonts Plugin up to 3.7.7 on WordPress authorization
HawkEye Malware: Technical Analysis
Editor’s note: The current article is authored by the threat researcher Aaron Jornet Sales, also known as RexorVc0. You can find him on X and LinkedIn. HawkEye, also known as PredatorPain (Predator Pain), is a malware categorized as a keylogger, but over the years, it has adopted new functionalities that align it with the capabilities of […]
The post HawkEye Malware: Technical Analysis appeared first on ANY.RUN's Cybersecurity Blog.
Иранские хакеры копируют Lazarus Group: случайное совпадение или тайный союз?
Microsoft 在 11 月补丁星期二中解决了关键的零日漏洞
Aerospace employees targeted with malicious “dream job” offers
It’s not just North Korean hackers who reach out to targets via LinkedIn: since at least September 2023, Iranian threat actor TA455 has been trying to compromise workers in the aerospace industry by impersonating job recruiters on the popular employment-focused social media platform. “By leveraging LinkedIn, a platform inherently built on trust and professional connections, TA455 seeks to gain credibility and avoid raising suspicion. Their use of fake recruiter profiles associated with fabricated companies further … More →
The post Aerospace employees targeted with malicious “dream job” offers appeared first on Help Net Security.