Security News

Vulnerability in Zyxel firewalls may soon be widely exploited (CVE-2023-28771)
2023-05-22 10:28

A recently fixed command injection vulnerability affecting a variety of Zyxel firewalls may soon be exploited in the wild, Rapid7 researchers have warned, after publishing a technical analysis and a PoC script that triggers the vulnerability and achieves a reverse root shell. Zyxel ATP, USG FLEX, and VPN firewalls running versions v4.60 to v5.35 of the ZLD firmware, and.

Week in review: KeePass vulnerability, Apple fixes exploited WebKit 0-days
2023-05-21 08:00

Apple fixes WebKit 0-days under attack
Apple has released security updates for iOS and iPadOS, macOS, tvOS and watchOS, delivering fixes for many vulnerabilities but, most importantly, for CVE-2023-32409, a WebKit 0-day that "May have been actively exploited."

Enhancing open source security: Insights from the OpenSSF on addressing key challenges
In this Help Net Security interview, we meet a prominent industry leader.

PaperCut vulnerability abused by several threat actors could impact 70,000 organizations
2023-05-17 20:09

Several ransomware groups and state-sponsored cyberespionage threat actors are exploiting a vulnerability affecting printing software tools PaperCut MF and PaperCut NG to compromise their targets. The new PaperCut vulnerability, CVE-2023-27350, affects different PaperCut MF and PaperCut NG software, allowing an attacker to bypass authentication and execute arbitrary code with SYSTEM privileges.

Serious Unpatched Vulnerability Uncovered in Popular Belkin Wemo Smart Plugs
2023-05-17 10:17

The second generation version of Belkin's Wemo Mini Smart Plug has been found to contain a buffer overflow vulnerability that could be weaponized by a threat actor to inject arbitrary commands remotely. The issue, assigned the identifier CVE-2023-27217, was discovered and reported to Belkin on January 9, 2023, by Israeli IoT security company Sternum, which reverse-engineered the device and gained firmware access.

XWorm Malware Exploits Follina Vulnerability in New Wave of Attacks
2023-05-12 21:00

Cybersecurity researchers have discovered an ongoing phishing campaign that makes use of a unique attack chain to deliver the XWorm malware on targeted systems. Securonix, which is tracking the activity cluster under the name MEME#4CHAN, said some of the attacks have primarily targeted manufacturing firms and healthcare clinics located in Germany.

Bl00dy Ransomware Gang Strikes Education Sector with Critical PaperCut Vulnerability
2023-05-12 07:59

U.S. cybersecurity and intelligence agencies have warned of attacks carried out by a threat actor known as the Bl00dy Ransomware Gang that attempt to exploit vulnerable PaperCut servers against the education facilities sector in the country. "The Bl00dy Ransomware Gang gained access to victim networks across the Education Facilities Subsector where PaperCut servers vulnerable to CVE-2023-27350 were exposed to the internet," the agencies said.

Experts Detail New Zero-Click Windows Vulnerability for NTLM Credential Theft
2023-05-10 14:23

The vulnerability, tracked as CVE-2023-29324, has been described as a security feature bypass. Akamai security researcher Ben Barnea, who discovered and reported the bug, noted that all Windows versions are affected, but pointed out Microsoft, Exchange.

Microsoft Warns of State-Sponsored Attacks Exploiting Critical PaperCut Vulnerability
2023-05-09 08:53

Iranian nation-state groups have now joined financially motivated actors in actively exploiting a critical flaw in PaperCut print management software, Microsoft said. The tech giant's threat intelligence team said it observed both Mango Sandstorm and Mint Sandstorm weaponizing CVE-2023-27350 in their operations to achieve initial access.

Your voice could be your biggest vulnerability
2023-05-08 04:00

AI technology is fueling a rise in online voice scams, with just three seconds of audio required to clone a person's voice, according to McAfee. With 53% of adults sharing their voice data online at least once a week and 49% doing so up to 10 times a week, cloning how somebody sounds is now a powerful tool in the arsenal of a cybercriminal.

New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks
2023-05-06 05:41

Users of the Advanced Custom Fields plugin for WordPress are being urged to update to version 6.1.6 following the discovery of a security flaw. "This vulnerability allows any unauthenticated user from stealing sensitive information to, in this case, privilege escalation on the WordPress site by tricking a privileged user to visit the crafted URL path," Patchstack researcher Rafie Muhammad said.