Critical GitHub Vulnerability Exposes 4,000+ Repositories to Repojacking Attack
A new vulnerability disclosed in GitHub could have exposed thousands of repositories at risk of repojacking attacks, new findings show....
Month: September 2023
7 Steps to Kickstart Your SaaS Security Program
SaaS applications are the backbone of modern businesses, constituting a staggering 70% of total software usage. Applications like Box, Google...
Beware: MetaStealer Malware Targets Apple macOS in Recent Attacks
A new information stealer malware called MetaStealer has set its sights on Apple macOS, making the latest in a growing...
Chinese Redfly Group Compromised a Nation’s Critical Grid in 6-Month ShadowPad Campaign
A threat actor called Redfly has been linked to a compromise of a national grid located in an unnamed Asian...
Sophisticated Phishing Campaign Deploying Agent Tesla, OriginBotnet, and RedLine Clipper
A sophisticated phishing campaign is using a Microsoft Word document lure to distribute a trifecta of threats, namely Agent Tesla,...
CISA: CISA, FBI, and CNMF Release Advisory on Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475
CISA, FBI, and CNMF Release Advisory on Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475 Today, CISA, Federal Bureau of...
CISA: CISA Adds Two Known Vulnerabilities to Catalog
CISA Adds Two Known Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on September 12, 2023. These...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco has released security advisories to address vulnerabilities affecting multiple Cisco products. A...
CISA: Microsoft Releases September 2023 Updates
Microsoft Releases September 2023 Updates Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A cyber threat actor...
CISA: NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats
NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats Today, the National Security Agency (NSA), the Federal Bureau...
CISA: CISA Adds Two Known Vulnerabilities to Catalog
CISA Adds Two Known Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on...
CISA: Adobe Releases Security Updates for Multiple Products
Adobe Releases Security Updates for Multiple Products Adobe has released security updates to address vulnerabilities affecting Adobe software. A cyber...
CISA: Apple Releases Security Updates for iOS and macOS
Apple Releases Security Updates for iOS and macOS Apple has released security updates to address a vulnerability in multiple products....
CISA: CISA Releases its Open Source Software Security Roadmap
CISA Releases its Open Source Software Security Roadmap Today, CISA released an Open Source Software Security Roadmap to lay out—in...
RansomHouse Ransomware Victim: SAC Finance
RansomHouse Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
US-CERT Vulnerability Summary for the Week of September 4, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocanonical_ltd. -- snapd_for_linuxUsing the TIOCLINUX ioctl request, a malicious snap could inject...
VTScanner – A Comprehensive Python-based Security Tool For File Scanning, Malware Detection, And Analysis In An Ever-Evolving Cyber Landscape
VTScanner is a versatile Python tool that empowers users to perform comprehensive file scans within a selected directory for malware...
CISA: Adobe Releases Security Updates for Multiple Products
Adobe Releases Security Updates for Multiple Products Adobe has released security updates to address vulnerabilities affecting Adobe software. A cyber...
CISA: CISA Releases its Open Source Software Security Roadmap
CISA Releases its Open Source Software Security Roadmap Today, CISA released an Open Source Software Security Roadmap to lay out—in...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on September 12, 2023. These...
CISA: NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats
NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats Today, the National Security Agency (NSA), the Federal Bureau...
HackerOne Bug Bounty Disclosure: b-admin-account-panel-takeover-and-doing-actions-in-admin-panel-via-dom-based-xss-b-mouhannadlrx
Company Name: b'Radancy' Company HackerOne URL: https://hackerone.com/radancy Submitted By:b'mouhannadlrx'Link to Submitters Profile:https://hackerone.com/b'mouhannadlrx' Report Title:b'Admin account/panel takeOver and Doing actions in...
HackerOne Bug Bounty Disclosure: b-ssrf-vulnerability-through-connection-test-feature-b-sayoojbkumar
Company Name: b'Internet Bug Bounty' Company HackerOne URL: https://hackerone.com/ibb Submitted By:b'sayoojbkumar'Link to Submitters Profile:https://hackerone.com/b'sayoojbkumar' Report Title:b'SSRF Vulnerability through Connection test...
