Security News > 2025 > January > Fake LDAPNightmware exploit on GitHub spreads infostealer malware

2025-01-11 15:21
A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka "LDAPNightmare") on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. [...]
News URL
Related news
- Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware (source)
- DragonRank Exploits IIS Servers with BadIIS Malware for SEO Fraud and Gambling Redirects (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- GitVenom Malware Steals $456K in Bitcoin Using Fake GitHub Projects to Hijack Wallets (source)
- 200-plus impressively convincing GitHub repos are serving up malware (source)
- Hundreds of GitHub repos served up malware for years (source)
- Microsoft admits GitHub hosted malware that infected almost a million devices (source)
- ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More (source)
- EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-12-12 | CVE-2024-49113 | Unspecified vulnerability in Microsoft products Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | 0.0 |