Remove File names Remove Libraries Remove Security
article thumbnail

Internet Archive data breach impacted 31M users

Security Affairs

The Internet Archive disclosed a data breach, the security incident impacted more than 31 million users of its “The Wayback Machine.” HIBP confirmed that the stolen archive had 31M records, including email address, screen name, bcrypt password hash, and timestamps for password changes.

Archiving 304
article thumbnail

Researchers disclose critical sandbox escape bug in vm2 sandbox library

Security Affairs

The development team behind the vm2 JavaScript sandbox library addressed a critical Remote Code Execution vulnerability. servers, it has approximately four million weekly downloads and its library is part of 722 packages. servers, it has approximately four million weekly downloads and its library is part of 722 packages.

Libraries 245
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Malicious npm packages spotted delivering njRAT Trojan

Security Affairs

npm security staff removed two packages that contained malicious code to install the njRAT remote access trojan (RAT) on developers’ computers. Security staff behind the npm repository removed two packages that were found containing the malicious code to install the njRAT remote access trojan (RAT) on computers of JavaScript and Node.js

Libraries 346
article thumbnail

0Patch released unofficial security patch for new DogWalk Windows zero-day

Security Affairs

0patch researchers released an unofficial security patch for a Windows zero-day vulnerability dubbed DogWalk. 0patch released an unofficial security patch for a new Windows zero-day vulnerability in the Microsoft Support Diagnostic Tool (MSDT) dubbed DogWalk. “Okay, but who would download and open a silly diagcab file? .”

Security 246
article thumbnail

Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers

Security Affairs

Another gang, Night Sky ransomware operation, started exploiting the Log4Shell vulnerability in the Log4j library to gain access to VMware Horizon systems. The Night Sky ransomware operation started exploiting the Log4Shell flaw (CVE-2021-44228) in the Log4j library to gain access to VMware Horizon systems. trendmrcio[.]com,

article thumbnail

Recently patched Windows flaw CVE-2024-43461 was actively exploited as a zero-day before July 2024

Security Affairs

User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.” “The specific flaw exists within the way Internet Explorer prompts the user after a file is downloaded. ” reads the advisory published by ZDI. states Trend Micro.

Archiving 343
article thumbnail

The North Korean Kimsuky APT threatens South Korea evolving its TTPs

Security Affairs

The Kimsuky APT group has been analyzed by several security teams. Hash 757dfeacabf4c2f771147159d26117818354af14050e6ba42cc00f4a3d58e51f Threat Kimsuky loader Brief Description Scr file, initial loader Ssdeep 12288:APWcT1z2aKqkP/mANd2JiEWKZ52zfeCkIAYfLeXcj6uuLl:uhT1z4q030JigZUaULeXc3uLl. Figure 1: tweet on 28 February 2020.

IT 363