Hacker Trends
06/10
06/11
06/12
Statistic
10/23 04:30 (UTC)
06/10
06/11
06/12
7 Posts
Rejetto HTTP File Server (HFS) 2.x - Unauthenticated RCE exploit module (CVE-2024-23692) by sfewer-r7 · Pull Request #19240 · rapid7/metasploit-framework · GitHub
https://
github.com
/rapid7/metasploit-framework/pull/19240
6 Posts
Chinese hackers breached 20,000 FortiGate systems worldwide
https://
www.bleepingcomputer.com
/news/security/chinese-hackers-breached-20-000-fortigate-systems-worldwide/
6 Posts
Progressive Web Apps (PWAs) Phishing | mr.d0x
https://
mrd0x.com
/progressive-web-apps-pwa-phishing/
5 Posts
Pumping Iron on the Musl Heap – Real World CVE-2022-24834 Exploitation on an Alpine mallocng Heap | NCC Group Research Blog | Making the world safer and more secure
https://
research.nccgroup.com
/2024/06/11/pumping-iron-on-the-musl-heap-real-world-cve-2022-24834-exploitation-on-an-alpine-mallocng-heap/
5 Posts
Pure Storage confirms data breach after Snowflake account hack
https://
www.bleepingcomputer.com
/news/security/pure-storage-confirms-data-breach-after-snowflake-account-hack/
5 Posts
City of Cleveland shuts down IT systems after cyberattack
https://
www.bleepingcomputer.com
/news/security/city-of-cleveland-shuts-down-it-systems-after-cyberattack/
5 Posts
New Warmcookie Windows backdoor pushed via fake job offers
https://
www.bleepingcomputer.com
/news/security/new-warmcookie-windows-backdoor-pushed-via-fake-job-offers/
4 Posts
Patch Tuesday: Remote Code Execution Flaw in Microsoft Message Queuing - SecurityWeek
https://
www.securityweek.com
/patch-tuesday-remote-code-execution-flaw-in-microsoft-message-queuing/
4 Posts
Gitloker attacks abuse GitHub notifications to push malicious OAuth apps
https://
www.bleepingcomputer.com
/news/security/gitloker-attacks-abuse-github-notifications-to-push-malicious-oauth-apps/
4 Posts
Aanhoudende statelijke cyberspionagecampagne via kwetsbare edge devices | Nieuwsbericht | Nationaal Cyber Security Centrum
https://
www.ncsc.nl
/actueel/nieuws/2024/juni/10/aanhoudende-statelijke-cyberspionagecampagne-via-kwetsbare-edge-devices
4 Posts
TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers
https://
www.bleepingcomputer.com
/news/security/tellyouthepass-ransomware-exploits-recent-php-rce-flaw-to-breach-servers/
4 Posts
Chinese Actor SecShow Conducts Massive DNS Probing on Global Scale
https://
thehackernews.com
/2024/06/chinese-actor-secshow-conducts-massive.html
4 Posts
Pure Storage admits breach related to Snowflake workspace • The Register
https://
go.theregister.com
/feed/www.theregister.com/2024/06/11/pure_storage_snowflake_breach/
4 Posts
Noodle RAT Reviewing the New Backdoor Used by Chinese-Speaking Groups | Trend Micro (US)
https://
www.trendmicro.com
/en_us/research/24/f/noodle-rat-reviewing-the-new-backdoor-used-by-chinese-speaking-g.html
3 Posts
Moar Infosec Diagrams Pwease 🥹 - Jamie Williams - Medium
https://
medium.com
/@jwillyamz/moar-infosec-diagrams-pwease-8e7841109109
3 Posts
GitHub - dhinakg/aeota: AEA OTA/IPSW decryption
https://
github.com
/dhinakg/aeota
3 Posts
Cylance confirms data breach linked to 'third-party' platform
https://
www.bleepingcomputer.com
/news/security/cylance-confirms-data-breach-linked-to-third-party-platform/
3 Posts
Netgear WNR614 flaws allow device takeover, no fix available
https://
www.bleepingcomputer.com
/news/security/netgear-wnr614-flaws-allow-device-takeover-no-fix-available/
3 Posts
SAP Patches High-Severity Vulnerabilities in Financial Consolidation, NetWeaver - SecurityWeek
https://
www.securityweek.com
/sap-patches-high-severity-vulnerabilities-in-financial-consolidation-netweaver/
3 Posts
An Introduction to Chrome Exploitation - Maglev Edition :: — uf0
https://
www.matteomalvica.com
/blog/2024/06/05/intro-v8-exploitation-maglev/
3 Posts
Going Native - Malicious Native Applications
https://
www.protexity.com
/post/going-native-malicious-native-applications
3 Posts
BlackBerry Cylance Data Offered for Sale on Dark Web - SecurityWeek
https://
www.securityweek.com
/blackberry-cylance-data-offered-for-sale-on-dark-web/
3 Posts
The First Decade of Corporate Ransomware - YouTube
https://
youtube.com
/watch?v=Ap8gWBNQ24g
3 Posts
Microsoft June 2024 Patch Tuesday fixes 51 flaws, 18 RCEs
https://
www.bleepingcomputer.com
/news/microsoft/microsoft-june-2024-patch-tuesday-fixes-51-flaws-18-rces/
3 Posts
Arm warns of actively exploited flaw in Mali GPU kernel drivers
https://
www.bleepingcomputer.com
/news/security/arm-warns-of-actively-exploited-flaw-in-mali-gpu-kernel-drivers/
3 Posts
MalwareBazaar | SHA256 9a5538a418f9949f3064574d25e233510e4e49cac490238d0532f0ada0c7e587
https://
bazaar.abuse.ch
/sample/9a5538a418f9949f3064574d25e233510e4e49cac490238d0532f0ada0c7e587/
3 Posts
Dipping into Danger: The WARMCOOKIE backdoor — Elastic Security Labs
https://
www.elastic.co
/security-labs/dipping-into-danger
3 Posts
Analyzing the security properties of a ZKTeco biometric terminal | Securelist
https://
securelist.com
/biometric-terminal-vulnerabilities/112800/
3 Posts
23andMe data breach under joint investigation in two countries | Malwarebytes
https://
www.malwarebytes.com
/blog/news/2024/06/23andme-data-breach-under-joint-investigation-in-two-countries
3 Posts
JetBrains warns of IntelliJ IDE bug exposing GitHub access tokens
https://
www.bleepingcomputer.com
/news/security/jetbrains-warns-of-intellij-ide-bug-exposing-github-access-tokens/
3 Posts
BrowserBruter: A powerful web form fuzzing automation tool
https://
meterpreter.org
/browserbruter-a-powerful-web-form-fuzzing-automation-tool/
3 Posts
Arm Warns of Exploited Kernel Driver Vulnerability - SecurityWeek
https://
www.securityweek.com
/arm-warns-of-exploited-kernel-driver-vulnerability/
3 Posts
Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers
https://
thehackernews.com
/2024/06/arm-warns-of-actively-exploited-zero.html