Security News

Using LLMs to Exploit Vulnerabilities
2024-06-17 11:08

If it's actually a "Zero day" then by the definition it's unknown thus not in the LLM "Weights". "Researchers have shown that LLM agents can exploit real-world vulnerabilities when given a description of the vulnerability and toy capture-the-flag problems."

Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor
2024-06-17 06:28

Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of fake browser updates. "The threat actor employs a multi-stage...

Exploit for Veeam Recovery Orchestrator auth bypass available, patch now
2024-06-13 17:21

A proof-of-concept exploit for a critical Veeam Recovery Orchestrator authentication bypass vulnerability tracked as CVE-2024-29855 has been released, elevating the risk of being exploited in attacks. CVE-2024-29855, rated 9.0 as per CVSS v3.1, is an authentication bypass vulnerability impacting Veeam Recovery Orchestrator versions 7.0.0.337 and 7.1.0.205 and older.

China-Backed Hackers Exploit Fortinet Flaw, Infecting 20,000 Systems Globally
2024-06-12 08:06

State-sponsored threat actors backed by China gained access to 20,000 Fortinet FortiGate systems worldwide by exploiting a known critical security flaw between 2022 and 2023, indicating that the...

TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers
2024-06-11 14:25

The TellYouThePass ransomware gang has been exploiting the recently patched CVE-2024-4577 remote code execution vulnerability in PHP to deliver webshells and execute the encryptor payload on target systems. TellYouThePass ransomware is known for quickly jumping on public exploits for vulnerabilities with a wide impact.

Exploit for critical Veeam auth bypass available, patch now
2024-06-10 15:05

A proof-of-concept exploit for a Veeam Backup Enterprise Manager authentication bypass flaw tracked as CVE-2024-29849 is now publicly available, making it urgent that admins apply the latest security updates. Veeam issued a security bulletin about the critical flaw on May 21, warning about a critical vulnerability enabling remote unauthenticated attackers to log in to VBEM's web interface as any user.

POC exploit code published for 9.8-rated Apache HugeGraph RCE flaw
2024-06-07 01:16

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Hackers exploit 2018 ThinkPHP flaws to install ‘Dama’ web shells
2024-06-06 21:26

Chinese threat actors are targeting ThinkPHP applications vulnerable to CVE-2018-20062 and CVE-2019-9082 to install a persistent web shell named Dama. The web shell enables further exploitation of the breached endpoints, such as enlisting them as part of the attackers' infrastructure to evade detection in subsequent operations.

Hackers Exploit Legitimate Packer Software to Spread Malware Undetected
2024-06-06 09:54

Threat actors are increasingly abusing legitimate and commercially available packer software such as BoxedApp to evade detection and distribute malware such as remote access trojans and...

Exploit for critical Progress Telerik auth bypass released, patch now
2024-06-03 17:58

Researchers have published a proof-of-concept exploit script demonstrating a chained remote code execution vulnerability on Progress Telerik Report Servers. Cybersecurity researcher Sina Kheirkha developed the exploit with the help of Soroush Dalili and has now published a detailed write-up that describes the intricate process of exploiting two flaws, an authentication bypass and a deserialization issue, to execute code on the target.