Hackers hijack Citrix NetScaler login pages to steal credentials
Hackers are conducting a large-scale campaign to exploit the recent CVE-2023-3519 flaw in Citrix NetScaler Gateways to steal user credentials....
Month: October 2023
HelloKitty ransomware source code leaked on hacking forum
A threat actor has leaked the complete source code for the first version of the HelloKitty ransomware on a Russian-speaking...
Hackers modify online stores’ 404 pages to steal credit cards
A new Magecart card skimming campaign hijacks the 404 error pages of online retailer's websites, hiding malicious code to steal...
GNOME Linux systems exposed to RCE attacks via file downloads
A memory corruption vulnerability in the open-source libcue library can let attackers execute arbitrary code on Linux systems running the...
D-Link WiFi range extender vulnerable to command injection attacks
The popular D-Link DAP-X1860 WiFi 6 range extender is susceptible to a vulnerability allowing DoS (denial of service) attacks and...
ALPHV ransomware gang claims attack on Florida circuit court
The ALPHV (BlackCat) ransomware gang has claimed an attack that affected state courts across Northwest Florida (part of the First Judicial...
Over 17,000 WordPress sites hacked in Balada Injector attacks last month
Multiple Balada Injector campaigns have compromised and infected over 17,000 WordPress sites using known flaws in premium theme plugins. Balada...
ChromeOS Multiple Vulnerabilities
Multiple vulnerabilities were identified in ChromeOS. A remote attacker could exploit some of these vulnerabilities to trigger denial of service...
Social Dominates as Victims Take $2.7bn Fraud Hit
Fraud victims lost $2.7bn to scammers operating on social media between January 2021 and June 2023, according to new research...
Google Bug Bounty Program Expands to Chrome V8, Google Cloud
Google's research team has launched v8CTF, a capture-the-flag (CTF) challenge focused on its Chrome browser’s V8 JavaScript engine.The competition opened...
Blackbaud Settles Ransomware Breach Case For $49.5m
Software provider Blackbaud has reached a multimillion-dollar agreement with 49 states over charges connected to a massive 2020 ransomware breach...
DNA Tester 23andMe Hit By Credential Stuffing Campaign
A leading genetics testing firm has confirmed that customers had their profile information accessed by threat actors following a credential...
MGM Resorts Reveals Over $100M in Costs After Ransomware Attack
MGM Resorts International has disclosed that costs resulting from a ransomware attack in September have surpassed $100m, including $10m in...
Bureau van Dijk – 27,917,714 breached accounts
HIBP In approximately August 2021, hundreds of gigabytes of data produced by Bureau van Dijk (BVD) was obtained and later...
Play Ransomware Victim: Saltire Energy
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: NachtExpress Austria GmbH
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: Centek industries
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: Starr Finley
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: M??? T??????
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: WCM Europe
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
US-CERT Vulnerability Summary for the Week of September 25, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoaccusoft -- imagegearAn out-of-bounds write vulnerability exists in the tiff_planar_adobe functionality of...
DakshSCRA – Source Code Review Assist
Daksh SCRA (Source Code Review Assist) tool is built to enhance the efficiency of the source code review process, providing...
HackerOne Bug Bounty Disclosure: b-stored-xss-in-plan-name-field-acronis-cyber-protect-b-und-sc-n-c-d
Company Name: b'Acronis' Company HackerOne URL: https://hackerone.com/acronis Submitted By:b'und3sc0n0c1d0'Link to Submitters Profile:https://hackerone.com/b'und3sc0n0c1d0' Report Title:b'Stored XSS in plan name field (Acronis...
HackerOne Bug Bounty Disclosure: b-xss-from-mastodon-embeds-b-lotsofloops
Company Name: b'IRCCloud' Company HackerOne URL: https://hackerone.com/irccloud Submitted By:b'lotsofloops'Link to Submitters Profile:https://hackerone.com/b'lotsofloops' Report Title:b'XSS from Mastodon embeds'Report Link:https://hackerone.com/reports/1887917Date Submitted:09 October...