Zip Slip Vulnerability Let Attacker Import Malicious Code and Execute Arbitrary Code

A critical Zip Slip vulnerability was discovered in the open-source data cleaning and transformation tool ‘OpenRefine’, which allowed attackers to import malicious code and execute arbitrary code. OpenRefine is a strong Java-based, free, open-source tool for handling messy data. This includes cleaning it, converting it into a different format, and expanding it with web services and external data. According to SonarCloud, […]

Continue Reading

Hackers Bypass Cloudflare Firewall, and DDoS Protections using Cloudflare

Cloudflare, a prominent cybersecurity vendor renowned for its web protection services, faces a security challenge that could expose its customers to unforeseen risks.  A recent disclosure from Certitude highlights a vulnerability that could allow attackers to bypass certain protection mechanisms offered by Cloudflare, leaving customers susceptible to attacks that the platform is designed to prevent. […]

Continue Reading

Budworm APT Attacking Telecoms Org With New Custom Tools

APT (Advanced Persistent Threat) actors are evolving at a rapid pace, continually enhancing their toolsets and tactics.  They adapt quickly to security measures, leveraging advanced techniques, such as zero-day exploits, to remain undetected. Their ability to innovate and collaborate in the underground cybercriminal ecosystem makes tracking and countering APT threats an ongoing challenge for cybersecurity […]

Continue Reading

Lu0Bot Node.js Malware Takes Complete Control Over Victim’s Computer

Through strategies like polymorphic code, which continuously alters its appearance to prevent detection, as well as employing encryption and obfuscation to disguise its actions, malware is getting more complex and sneaky. Additionally, to infiltrate systems and avoid detection by traditional security measures, malware increasingly leverages social engineering and advanced delivery methods, like-  Recently, cybersecurity researchers […]

Continue Reading