Security Affairs

NOVEMBER 20, 2023

The Rhysida ransomware group claimed responsibility for the recent cyberattack on the British Library that has caused a major IT outage. The Rhysida ransomware gang added the British Library to the list of victims on its Tor leak site. It is one of the largest libraries in the world. ” reads the announcement.

Libraries 350

Libraries Ransomware Manufacturing Education 350

Security Affairs

APRIL 15, 2025

A critical flaw (CVE-2025-24859, CVSS 10) in Apache Roller lets attackers keep access even after password changes. An attacker could exploit the flaw to retain unauthorized access even after a password change. The flaw lets attackers keep access via old sessions even after a password change if credentials were compromised.

Passwords 127

Passwords Access Libraries Big data 127

Data Breach Today

MARCH 18, 2024

The Python Library Flaw Allows Directory Traversal Attacks Hackers who are possibly members of a criminal group affiliated with numerous ransomware-as-a-service operations are exploiting a directory traversal vulnerability in a Python library that allows unauthenticated remote attackers access to sensitive information from server files.

Libraries 289

Libraries Ransomware Access 289

Security Affairs

MAY 6, 2023

The FBI disrupted once again the illegal eBook library Z-Library the authorities seized several domains used by the service. The Federal Bureau of Investigation (FBI) seized multiple domains used by the illegal shadow eBook library Z-Library. The library is still reachable through TOR and I2P networks.

Libraries 246

Libraries Access Cybersecurity Security 246

Security Affairs

OCTOBER 10, 2023

A vulnerability in the libcue library impacting GNOME Linux systems can be exploited to achieve remote code execution (RCE) on affected hosts. A threat actor can trigger a vulnerability, tracked as CVE-2023-43641 (CVSS score: 8.8), in the libcue library impacting GNOME Linux systems to achieve remote code execution (RCE) on affected hosts.

Libraries 313

Libraries Security IT Access 313

Security Affairs

NOVEMBER 5, 2021

Two popular npm libraries, coa and rc. The security team of the npm JavaScript package warns that two popular npm libraries, coa and rc. Two npm libraries that have a total of 23 million weekly downloads, a data that is worrisome. The post npm libraries coa and rc. while compromised rc versions are 1.2.9,

Libraries 327

Libraries Passwords Access Security 327

Security Affairs

OCTOBER 11, 2024

” The Internet Archive is an American nonprofit digital library website that provides free access to collections of digitized materials including websites, software applications, music, audiovisual, and print materials. As of September 5, 2024, the Internet Archive held more than 42.1

Archiving 302

Archiving Data breaches Passwords File names 302

Security Affairs

JANUARY 15, 2025

Microsoft disclosed details of a now-patched macOS flaw, tracked as CVE-2024-44243 (CVSS score: 5.5), that allows attackers with “root” access to bypass System Integrity Protection ( SIP ). An attackers with root access can to add a custom file system bundle to /Library/Filesystems. ” concludes Microsoft.

Libraries 280

Libraries Access Privacy IT 280

Security Affairs

SEPTEMBER 24, 2020

The vulnerability ties on how Instagram uses third-party libraries for image processing, in particular, the open-source JPEG decoder Mozjpeg. A malicious code could allow the hackers to access a device’s phone contacts, camera, GPS data, and files stored into the device. ” reads the analysis published by CheckPoint.

Access 332

Access Libraries Communications IT 332

Security Affairs

FEBRUARY 16, 2021

The “ rlottie ” folder caught their attention, it was the folder used for the Samsung native library for playing Lottie animations, originally created by Airbnb. ” The experts used a fuzzy approach to test the Samsung’s C++ library rlottie to parse Lottie animations and triaging the crashes. Pierluigi Paganini.

Access 316

Access Libraries Encryption Security 316

Security Affairs

NOVEMBER 2, 2022

Dropbox disclosed a security breach, threat actors gained unauthorized access to 130 of its source code repositories on GitHub. File hosting service Dropbox announced that threat actors gained unauthorized access to 130 of its source code repositories on GitHub. ” reads the advisory published by the company. Pierluigi Paganini.

Access 336

Access Phishing Passwords Authentication 336

CILIP

JANUARY 31, 2025

Invitation to tender: Future ready libraries CILIP is inviting researchers to undertake a gap analysis and consultation with sector experts to create a comprehensive review of training provision for leadership in the public library workforce in England.

Libraries 79

Libraries Access Government 79

Security Affairs

MARCH 13, 2025

. “GitLab has remediated two privately disclosed security issues (CVE-2025-25291, CVE-2025-25292) identified in the ruby-saml library which GitLab uses when SAML SSO authentication is enabled at the instance or group level.” This library is, however, used in other popular projects and products.”

Authentication 169

Authentication Libraries Data breaches Security 169

Security Affairs

OCTOBER 27, 2022

DEV-0206 is an access broker tracked by Microsoft, which uses malvertising campaigns to compromise networks worldwide. The discovery made by Microsoft is very interesting because it is the first time that researchers found evidence that worm operators leverage an access broker to compromise enterprise networks. Pierluigi Paganini.

Ransomware 273

Ransomware Access Encryption Data collection 273

Security Affairs

SEPTEMBER 3, 2024

Vulnerabilities in Microsoft apps for macOS could allow attackers to steal permissions and access sensitive data. These flaws could allow attackers to inject malicious libraries into Microsoft’s apps and steal permissions. When an app requests access to a resource, a permission pop-up is triggered for user approval.

Libraries 327

Libraries Risk Access Security 327

Security Affairs

AUGUST 26, 2022

An Iran-linked Mercury APT group exploited the Log4Shell vulnerability in SysAid applications for initial access to the targeted organizations. MERCURY has already exploited the Log4j 2 in past attacks, for example, targeting vulnerable VMware apps, but this is the first time the group has used SysAid apps as a vector for initial access. .

Access 246

Access Libraries Communications Government 246

Security Affairs

JANUARY 20, 2025

Crooks used names typosquatting popular libraries, such as @async-mutex/mutex , dexscreener , solana-transaction-toolkit and solana-stable-web-huks. Equally vital is maintaining strict access controls around private keys, limiting who can view or import them in development environments.”

Libraries 254

Libraries Authentication IT Access 254

Security Affairs

AUGUST 30, 2020

The npm security team removed a malicious JavaScript library from the npm repository that was designed to steal sensitive files from the victims. The fallguys library claimed to provide an interface to the “ Fall Guys: Ultimate Knockout ” game API. ” reads the npm’s advisory. .”

Libraries 358

Libraries Access Security IT 358

Security Affairs

JULY 7, 2022

OrBit allows operators to achieve remote access capabilities over SSH, harvests credentials, and logs TTY commands. “Unlike other threats that hijack shared libraries by modifying the environment variable LD_PRELOAD, this malware uses 2 different ways to load the malicious library. . ” continues the experts.

Libraries 342

Libraries Cybersecurity Authentication Access 342

Security Affairs

DECEMBER 16, 2021

Experts warn that threat actors are actively attempting to exploit a second bug disclosed in the popular Log4j logging library. American web infrastructure and website security company Cloudflare warns that threat actors are actively attempting to exploit a second vulnerability, tracked as CVE-2021-45046 , disclosed in the Log4j library.

Libraries 363

Libraries Ransomware Access Security 363

Security Affairs

MARCH 30, 2024

Red Hat warns of a backdoor in XZ Utils data compression tools and libraries in Fedora development and experimental versions. Red Hat urges users to immediately stop using systems running Fedora development and experimental versions because of a backdoor in the latest versions of the “xz” tools and libraries. rpm and xz-libs-5.6.0-2.fc40.x86_64.rpm

Libraries 350

Libraries Authentication Access Risk 350

Security Affairs

MAY 7, 2020

. “A possible memory overwrite vulnerability in Quram qmg library allows possible remote arbitrary code execution. The vulnerability resides in the Skia Android graphics library and affects the way Android OS running on Samsung devices handles the custom Qmage image format (.qmg). system libraries.” or libhwui.so

IT 353

IT Libraries Security Access 353

Security Affairs

DECEMBER 27, 2023

. “In our ongoing investigation, Barracuda has determined that a threat actor has utilized an Arbitrary Code Execution (ACE) vulnerability within a third party library, Spreadsheet::ParseExcel, to deploy a specially crafted Excel email attachment to target a limited number of ESG devices.” ” reads the advisory.

Libraries 352

Libraries Access Cybersecurity Security 352

Security Affairs

DECEMBER 4, 2020

Hundreds of millions of Android users are potentially exposed to the risk of hack due to the use of Android Play Core Library versions vulnerable to CVE-2020-8913. The CVE-2020-8913 flaw is a local, arbitrary code execution vulnerability that resides exists in the SplitCompat.install endpoint in Android’s Play Core Library.

Libraries 338

Libraries e-Delivery Risk Passwords 338

Security Affairs

MARCH 20, 2020

x that fix two XSS vulnerabilities affecting the CKEditor library. x that address two XSS vulnerabilities that affect the CKEditor library. “The Drupal project uses the third-party library CKEditor , which has released a security improvement that is needed to protect some Drupal configurations.”

Libraries 347

Libraries Risk Access Security 347

Security Affairs

APRIL 30, 2020

EventBot is a mobile banking trojan and infostealer that abuses Android’s accessibility features to steal user data from financial applications, read user SMS messages, and steal SMS messages to allow the malware to bypass two-factor authentication.” ” reads the analysis published by Cybereason. ” concludes the report.

Financial Services 358

Financial Services Libraries Encryption Authentication 358

Security Affairs

SEPTEMBER 6, 2023

Storm-0558 threat actors focus on government agencies in Western Europe and were observed conducting cyberespionage, data theft, and credential access attacks. The attackers forged authentication tokens to access user email using an acquired Microsoft account (MSA) consumer signing key.

Authentication 338

Authentication Libraries Access Government 338

Security Affairs

DECEMBER 1, 2020

npm security staff removed two packages that contained malicious code to install the njRAT remote access trojan (RAT) on developers’ computers. Security staff behind the npm repository removed two packages that were found containing the malicious code to install the njRAT remote access trojan (RAT) on computers of JavaScript and Node.js

Libraries 345

Libraries File names Access Security 345

Security Affairs

DECEMBER 12, 2021

Immediately after the disclosure of the Log4Shell flaw in Log4j library threat actors started including the exploit code in Linux botnets. Researchers at NetLab 360 reported that their Anglerfish and Apacket honeypots were already hit by attacks attempting to trigger the Log4Shell flaw in the Log4j library.

Honeypots 363

Honeypots Libraries Passwords Authentication 363

Security Affairs

DECEMBER 2, 2021

Threat actors are targeting e-stores with remote access malware, dubbed NginRAT, that hides on Nginx servers bypassing security solutions. Researchers from security firm Sansec recently discovered a new Linux remote access trojan (RAT), tracked as CronRAT , that hides in the Linux task scheduling system (cron) on February 31st.

Libraries 353

Libraries Access Security IT 353

Security Affairs

AUGUST 28, 2024

Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”. “We “Google is aware that exploits for CVE-2024-7971 and CVE-2024-7965 exist in the wild.”

IT 316

IT Libraries Cybersecurity Risk 316

Security Affairs

DECEMBER 20, 2023

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.” ” continues the advisory.

Libraries 347

Libraries Access IT Information Security 347

Security Affairs

SEPTEMBER 8, 2024

This issue arises because the GeoTools library API, which GeoServer uses, evaluates property/attribute names for feature types in a way that unsafely passes them to the commons-jxpath library, allowing arbitrary code execution. GeoServer versions prior to 2.23.6, ” concludes the report.

Libraries 336

Libraries Encryption Cybersecurity Access 336

Security Affairs

DECEMBER 11, 2021

Chinese security researcher p0rz9 publicly disclosed a Proof-of-concept exploit for a critical remote code execution zero-day vulnerability, tracked a CVE-2021-44228 ( aka Log4Shell ), in the Apache Log4j Java-based logging library. However, enabling these system property requires access to the vulnerable servers as well as a restart.”

Libraries 343

Libraries Cloud Access Cybersecurity 343

Security Affairs

OCTOBER 28, 2022

“ Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

Libraries 350

Libraries IT Communications Access 350