There are two critical RCE vulnerabilities in Java’s Spring Framework.

Wed, 06 Apr 2022 9:32:00
0 minutes, 23 seconds
  • A new critical Remote Code Execution (RCE) vulnerability (CVE-2022-22963) was discovered in Java’s Spring Cloud Functions. There are patches available for this vulnerability which should be applied to affected systems as soon as possible.
  • A 0-day vulnerability in Spring Core that could lead to u...

Hackers Breach Mailchimp Email Marketing Firm to Launch Crypto Phishing Scams

Wed, 06 Apr 2022 9:27:00
0 minutes, 45 seconds

Email marketing service Mailchimp on Monday revealed a data breach that resulted in the compromise of an internal tool to gain unauthorized access to customer accounts and stage phishing attacks.

The development was first reported by Bleeping Computer.

The company, which was acquired by financia...

Researchers Uncover New Android Spyware With C2 Server Linked to Turla Hackers

Wed, 06 Apr 2022 9:19:00
0 minutes, 31 seconds

An Android spyware application has been spotted masquerading as a "Process Manager" service to stealthily siphon sensitive information stored in the infected devices.

Interestingly, the app — that has the package name "com.remote.app" — establishes contact with a remote command-and-control server,...

HAPPY NEW YEAR!

Sat, 01 Jan 2022 17:56:08
0 minutes, 3 seconds

All the best for everyone! With less covid and more digital privacy!

Log4shell - Five Eyes published a scanner for everyone

Sun, 26 Dec 2021 10:28:16
1 minute, 21 seconds

Log4shell

As you may have heard, since December 9 there is a severe vulnerability called Log4shell (and other Log4j-related vulnerabilities) that affects a wide range of Java applications. The "Apache Log4j2 2.0-beta9 through 2.12.1 and 2.13.0 through 2.15.0 JNDI" library.

Scanners

Five Eye

...