Security News

A critical severity vulnerability impacting Royal Elementor Addons and Templates up to version 1.3.78 is reported to be actively exploited by two WordPress security teams. Two WordPress security firms, Wordfence and WPScan, have marked CVE-2023-5360 as actively exploited since August 30, 2023, with the attack volume ramping up starting on October 3, 2023.

Perceived weaknesses in the security of Microsoft's Visual Studio IDE are being raised once again this week with a fresh single-click exploit. Following the 2021 targeting of security researchers by North Korea's state-sponsored offensive cyber group Lazarus, Microsoft rolled out trusted locations to prevent malicious Visual Studio projects being used to achieve remote code execution.

Microsoft has released its Patch Tuesday updates for October 2023, addressing a total of 103 flaws in its software, two of which have come under active exploitation in the wild. Of the 103 flaws,...

A Mirai-based DDoS malware botnet tracked as IZ1H9 has added thirteen new payloads to target Linux-based routers and routers from D-Link, Zyxel, TP-Link, TOTOLINK, and others. IZ1H9 compromises devices to enlist them to its DDoS swarm and then launches DDoS attacks on specified targets, presumably on the order of clients renting its firepower.

The infamous Mirai botnet was spotted by researchers who say it is spinning up again, this time with an "Aggressively updated arsenal of exploits." It's the first major update to the IZ1H9 Mirai variant in months and arrives bolstered with tools to break into devices from D-Link and Zyxel, among others.

Google is asking bug hunters and exploit writers to develop 0-day and n-day exploits in Chrome's V8 JavaScript engine and Google Cloud's Kernel-based Virtual Machine. The exploit writers should make their exploitation attempts against a V8 version running on Google infrastructure.

Proof-of-concept exploits have already surfaced online for a high-severity flaw in GNU C Library's dynamic loader, allowing local attackers to gain root privileges on major Linux distributions. One of these PoC exploits, confirmed as working by vulnerability and exploit expert Will Dormann, was released by independent security researcher Peter Geissler earlier today.

Qualcomm is warning of three zero-day vulnerabilities in its GPU and Compute DSP drivers that hackers are actively exploiting in attacks. Qualcomm says it has released security updates that address the issues in its Adreno GPU and Compute DSP drivers, and impacted OEMs were also notified.

Over the weekend, security researchers released a proof-of-concept exploit for a maximum severity remote code execution vulnerability in Progress Software's WS FTP Server file sharing platform. "This vulnerability turned out to be relatively straight forward and represented a typical.NET deserialization issue that led to RCE. It's surprising that this bug has stayed alive for so long, with the vendor stating that most versions of WS FTP are vulnerable," Assetnote said.

Proof-of-concept exploit code has surfaced on GitHub for a critical authentication bypass vulnerability in Microsoft SharePoint Server, allowing privilege escalation. Janggggg successfully achieved RCE on a Microsoft SharePoint Server using this exploit chain during the March 2023 Pwn2Own contest in Vancouver, earning a $100,000 reward.