The Hacker News
MavenGate Attack Could Let Hackers Hijack Java and Android via Abandoned Libraries
January 22^nd 2024 at 16:35

MavenGate Attack Could Let Hackers Hijack Java and Android via Abandoned Libraries

By Newsroom

Several public and popular libraries abandoned but still used in Java and Android applications have been found susceptible to a new software supply chain attack method called MavenGate. "Access to projects can be hijacked through domain name purchases and since most default build configurations are vulnerable, it would be difficult or even impossible to know whether an attack was being performed

Related tags
January 22^nd 2024 at 16:35

The Hacker News
Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks
January 12^th 2024 at 07:56

Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks

By Newsroom

Cybersecurity researchers have identified a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners within targeted environments. "This attack is particularly intriguing due to the attacker's use of packers and rootkits to conceal the malware," Aqua security researchers Nitzan Yaakov and Assaf Morag said in an analysis published earlier

Related tags
January 12^th 2024 at 07:56

The Hacker News
New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems
January 11^th 2024 at 14:16

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems

By Newsroom

Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident payload. The vulnerability in question is CVE-2023-51467 (CVSS score: 9.8), a bypass for another severe shortcoming in the same software (CVE-

Related tags
January 11^th 2024 at 14:16

The Hacker News
CISA Flags 6 Vulnerabilities - Apple, Apache, Adobe, D-Link, Joomla Under Attack
January 10^th 2024 at 04:50

CISA Flags 6 Vulnerabilities - Apple, Apache, Adobe, D-Link, Joomla Under Attack

By Newsroom

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added six security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This includes CVE-2023-27524 (CVSS score: 8.9), a high-severity vulnerability impacting the Apache Superset open-source data visualization software that could enable remote code execution.

Related tags
January 10^th 2024 at 04:50

News ≈ Packet Storm
Apache OFBiz Zero Day Pummeled By Exploit Attempts After Disclosure
January 9^th 2024 at 15:40

Apache OFBiz Zero Day Pummeled By Exploit Attempts After Disclosure

Related tags
January 9^th 2024 at 15:40

News ≈ Packet Storm
Critical Apache OFBiz Vulnerability In Attacker Crosshairs
December 29^th 2023 at 17:14

Critical Apache OFBiz Vulnerability In Attacker Crosshairs

Related tags
- ❌
- headline,hacker,flaw,apache
December 29^th 2023 at 17:14

News ≈ Packet Storm
80% Of Struts Downloads Are For Versions Featuring Critical Flaw
December 22^nd 2023 at 14:20

80% Of Struts Downloads Are For Versions Featuring Critical Flaw

Related tags
- ❌
- headline,flaw,apache
December 22^nd 2023 at 14:20

News ≈ Packet Storm
Recent Apache Struts 2 Vulnerability In Attacker Crosshairs
December 15^th 2023 at 15:02

Recent Apache Struts 2 Vulnerability In Attacker Crosshairs

Related tags
- ❌
- headline,hacker,flaw,apache
December 15^th 2023 at 15:02

The Hacker News
New Critical RCE Vulnerability Discovered in Apache Struts 2 - Patch Now
December 12^th 2023 at 05:23

New Critical RCE Vulnerability Discovered in Apache Struts 2 - Patch Now

By Newsroom

Apache has released a security advisory warning of a critical security flaw in the Struts 2 open-source web application framework that could result in remote code execution. Tracked as CVE-2023-50164, the vulnerability is rooted in a flawed "file upload logic" that could enable unauthorized path traversal and could be exploited under the circumstances to upload a malicious file

Related tags
December 12^th 2023 at 05:23

The Hacker News
Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution
December 6^th 2023 at 09:18

Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution

By Newsroom

Atlassian has released software fixes to address four critical flaws in its software that, if successfully exploited, could result in remote code execution. The list of vulnerabilities is below - CVE-2022-1471 (CVSS score: 9.8) - Deserialization vulnerability in SnakeYAML library that can lead to remote code execution in multiple products CVE-2023-22522 (CVSS score

Related tags
December 6^th 2023 at 09:18

The Hacker News
GoTitan Botnet Spotted Exploiting Recent Apache ActiveMQ Vulnerability
November 29^th 2023 at 05:07

GoTitan Botnet Spotted Exploiting Recent Apache ActiveMQ Vulnerability

By Newsroom

The recently disclosed critical security flaw impacting Apache ActiveMQ is being actively exploited by threat actors to distribute a new Go-based botnet called GoTitan as well as a .NET program known as PrCtrl Rat that's capable of remotely commandeering the infected hosts. The attacks involve the exploitation of a remote code execution bug (CVE-2023-46604, CVSS score: 10.0)

Related tags
November 29^th 2023 at 05:07

The Hacker News
Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits
November 21^st 2023 at 10:00

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

By Newsroom

The Kinsing threat actors are actively exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems with cryptocurrency miners and rootkits. "Once Kinsing infects a system, it deploys a cryptocurrency mining script that exploits the host's resources to mine cryptocurrencies like Bitcoin, resulting in significant damage to the infrastructure and a negative

Related tags
November 21^st 2023 at 10:00

The Hacker News
Randstorm Exploit: Bitcoin Wallets Created b/w 2011-2015 Vulnerable to Hacking
November 20^th 2023 at 09:16

Randstorm Exploit: Bitcoin Wallets Created b/w 2011-2015 Vulnerable to Hacking

By Newsroom

Bitcoin wallets created between 2011 and 2015 are susceptible to a new kind of exploit called Randstorm that makes it possible to recover passwords and gain unauthorized access to a multitude of wallets spanning several blockchain platforms. "Randstorm() is a term we coined to describe a collection of bugs, design decisions, and API changes that, when brought in contact with each other, combine

Related tags
November 20^th 2023 at 09:16

The Hacker News
Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws
November 7^th 2023 at 07:14

Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws

By Newsroom

Multiple ransomware groups have begun to actively exploit recently disclosed flaws in Atlassian Confluence and Apache ActiveMQ. Cybersecurity firm Rapid7 said it observed the exploitation of CVE-2023-22518 and CVE-2023-22515 in multiple customer environments, some of which have been leveraged for the deployment of Cerber (aka C3RB3R) ransomware. Both vulnerabilities are critical, allowing threat

Related tags
November 7^th 2023 at 07:14

The Hacker News
HelloKitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability
November 2^nd 2023 at 04:27

HelloKitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability

By Newsroom

Cybersecurity researchers are warning of suspected exploitation of a recently disclosed critical security flaw in the Apache ActiveMQ open-source message broker service that could result in remote code execution. "In both instances, the adversary attempted to deploy ransomware binaries on target systems in an effort to ransom the victim organizations," cybersecurity firm Rapid7 disclosed in a

Related tags
November 2^nd 2023 at 04:27

The Hacker News
Alert: Apache Superset Vulnerabilities Expose Servers to Remote Code Execution Attacks
September 7^th 2023 at 11:02

Alert: Apache Superset Vulnerabilities Expose Servers to Remote Code Execution Attacks

By THN

Patches have been released to address two new security vulnerabilities in Apache Superset that could be exploited by an attacker to gain remote code execution on affected systems. The update (version 2.1.1) plugs CVE-2023-39265 and CVE-2023-37941, which make it possible to conduct nefarious actions once a bad actor is able to gain control of Superset’s metadata database. Outside of these

Related tags
September 7^th 2023 at 11:02

News ≈ Packet Storm
Unpatched Apache Tomcat Servers Spread Mirai Botnet Malware
July 31^st 2023 at 15:14

Unpatched Apache Tomcat Servers Spread Mirai Botnet Malware

Related tags
- ❌
- headline,malware,botnet,flaw,apache
July 31^st 2023 at 15:14

The Hacker News
Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities
July 20^th 2023 at 15:56

Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities

By THN

Multiple security flaws have been disclosed in Apache OpenMeetings, a web conferencing solution, that could be potentially exploited by malicious actors to seize control of admin accounts and run malicious code on susceptible servers. "Attackers can bring the application into an unexpected state, which allows them to take over any user account, including the admin account," Sonar vulnerability

Related tags
July 20^th 2023 at 15:56

The Hacker News
Cybercriminals Targeting Apache NiFi Instances for Cryptocurrency Mining
May 31^st 2023 at 15:44

Cybercriminals Targeting Apache NiFi Instances for Cryptocurrency Mining

By Ravie Lakshmanan

A financially motivated threat actor is actively scouring the internet for unprotected Apache NiFi instances to covertly install a cryptocurrency miner and facilitate lateral movement. The findings come from the SANS Internet Storm Center (ISC), which detected a spike in HTTP requests for “/nifi” on May 19, 2023. “Persistence is achieved via timed processors or entries to cron,” said Dr.

Related tags
May 31^st 2023 at 15:44

News ≈ Packet Storm
Apache Superset: A Story Of Insecure Default Keys, Thousands Of Vulnerable Systems, Few Paying Attention
April 26^th 2023 at 14:41

Apache Superset: A Story Of Insecure Default Keys, Thousands Of Vulnerable Systems, Few Paying Attention

Related tags
- ❌
- headline,flaw,apache
April 26^th 2023 at 14:41

The Hacker News
Apache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE Attacks
April 26^th 2023 at 09:29

Apache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE Attacks

By Ravie Lakshmanan

The maintainers of the Apache Superset open source data visualization software have released fixes to plug an insecure default configuration that could lead to remote code execution. The vulnerability, tracked as CVE-2023-27524 (CVSS score: 8.9), impacts versions up to and including 2.0.1 and relates to the use of a default SECRET_KEY that could be abused by attackers to authenticate and access

Related tags
April 26^th 2023 at 09:29

The Hacker News
Hackers Started Exploiting Critical "Text4Shell" Apache Commons Text Vulnerability
October 21^st 2022 at 11:03

Hackers Started Exploiting Critical "Text4Shell" Apache Commons Text Vulnerability

By Ravie Lakshmanan

WordPress security company Wordfence on Thursday said it started detecting exploitation attempts targeting the newly disclosed flaw in Apache Commons Text on October 18, 2022. The vulnerability, tracked as CVE-2022-42889 aka Text4Shell, has been assigned a severity ranking of 9.8 out of a possible 10.0 on the CVSS scale and affects versions 1.5 through 1.9 of the library. It's also similar to