ServiceNow Misconfigurations Lead to Leak of Sensitive Data
ServiceNow has been alerted to a potential misconfiguration concern that might impact the security of its platform. The company is actively addressing the issue and…
Category: GBHackers
The Risk of RBAC Vulnerabilities and How to Prevent Them
Role-Based Access Control (RBAC) is a security paradigm focused on assigning system access to users based on their organizational role. It’s a sophisticated approach of…
Hackers Deliver Remcos RAT-Weaponized PDF Payslip Document
AhnLab Security Emergency Response Center (ASEC) has recently revealed a disturbing case of Remcos RAT, a malicious software that can remotely access and manipulate infected…
F-Secure Eyes $9.5M in Cost Savings With Layoffs
F-Secure has recently implemented organizational changes in order to pursue strategic growth initiatives and meet its financial targets. These changes likely involve adjustments to the…
Hackers Abusing OAuth Token to Take Over Millions of Accounts
A new OAuth vulnerability has been discovered in three of the major extensions such as Grammarly, Vidio, and Bukalapak. These applications use the OAuth protocol…
XWorm Sold malware-as-a-service opens vast hacking opportunity
XWorm is a RAT (Remote Access Trojan), a malware-as-a-service. It was first discovered in July 2022 and is known to have originated from the ex-USSR.…
open-source CI/CD pipeline Vulnerability Scanner Tool
Cycode is excited to introduce Raven, a state-of-the-art security scanner for CI/CD pipelines. Raven stands for Risk Analysis and Vulnerability Enumeration for CI/CD Pipeline Security,…
D-LINK SQL Injection Vulnerability Let Attacker Escalate Privileges
A security flaw called SQL injection has been uncovered in the D-Link DAR-7000 device. SQL injection is a malicious attack that exploits vulnerabilities in web…
VMware Tools Flaw Let Attackers Escalate Privileges
Two high vulnerabilities have been discovered in VMware Tools, which were assigned with CVE-2023-34057 and CVE-2023-34058. These vulnerabilities were associated with Local Privilege Escalation and…
Malicious Android Apps on Google Play With Over 2 Million Installs
Several recently discovered malicious apps on Google Play have been found to display intrusive advertisements to users, with a total of over 2 million installations.…
Firefox Memory Corruption Flaw Let Attacker Execute Code
Mozilla Firefox 119 was released with updates for 11 vulnerabilities, including three issues of high severity, seven issues of moderate severity, and one issue of low…
Octo Tempest Attacking Organizations to Steal Financial Data
Microsoft has been closely monitoring the Octo Tempest, a significant financial threat organization. This threat group employs various strategies and TTPs for worldwide extortion, making…