← Latest brief

Security news.

·Afternoon Brief

Today's security brief highlights critical supply chain attacks, with a compromised npm package delivering an infostealer and malicious crypto wallet packages pushed via GitHub. Additionally, several critical vulnerabilities in widely used software like Zimbra and U-Boot have been disclosed, alongside a warning about active exploitation campaigns targeting vulnerable CMS platforms.

THNSUPPLY CHAIN
1d agoREAD

Compromised jscrambler npm Package Drops Rust Infostealer

The jscrambler 8.14.0 npm package was compromised, executing a Rust infostealer on installation for Windows, macOS, and Linux users.

THNVULN
1d agoREAD

Critical Zimbra Flaw Allows Malicious Code Execution

Zimbra has urged customers to update their Classic Web Client to address a critical stored cross-site scripting (XSS) vulnerability that could allow crafted emails to execute malicious code in user sessions.

BLEEPINGMALWARE
8h agoREAD

RedHook Android Malware Abuses Wireless ADB

A new variant of the RedHook Android malware is exploiting the Android Wireless Debugging (Wireless ADB) mechanism to gain shell-level privileges on devices without needing a physical connection.

BLEEPINGEXPLOIT
1d agoREAD

Australia Warns of Global CMS Exploitation Campaign

The ACSC has issued an alert regarding an active global campaign exploiting vulnerabilities in various Content Management Systems (CMS) and their plugins.

VULN
READ

New U-Boot Flaws Enable Stealthy Firmware Attacks

Six vulnerabilities were found in the widely used U-Boot bootloader, allowing attackers to execute malicious code during device boot, potentially compromising security and installing persistent malware.

THNSUPPLY CHAIN
2d agoREAD

Injective Labs GitHub Compromise Pushes Malicious npm Packages

Threat actors compromised the Injective Labs SDK project's GitHub, pushing a malicious npm package (@injectivelabs/[email protected]) designed to steal cryptocurrency wallet private keys and mnemonic seed phrases.

BLEEPINGEXPLOIT
2d agoREAD

Hackers Exploit Critical Auth Bypass in Gitea Docker Image

A critical vulnerability in the official Gitea Docker image is being actively exploited by hackers to impersonate any user, including administrators.

BLEEPINGADVISORY
2d agoREAD

Progress Urges ShareFile Admins to Shut Down Servers Over Credible Threat

Progress Software has advised ShareFile customers using Storage Zone Controllers to immediately shut down their servers due to a "credible external security threat" targeting the on-premises software.

Generated twice daily from public security RSS feeds. Informational only.