Bogus installers for Adobe Acrobat Reader are being used to distribute a new multi-functional malware dubbed Byakugan.
The starting point of the attack is a PDF file written in Portuguese that, when opened, shows a blurred image and asks the victim to click on a link to download the Reader application to view the content.
According to Fortinet FortiGuard Labs, clicking the URL
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added six security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
This includes CVE-2023-27524 (CVSS score: 8.9), a high-severity vulnerability impacting the Apache Superset open-source data visualization software that could enable remote code execution.
A phishing campaign has been observed delivering an information stealer malware called MrAnon Stealer to unsuspecting victims via seemingly benign booking-themed PDF lures.
"This malware is a Python-based information stealer compressed with cx-Freeze to evade detection," Fortinet FortiGuard Labs researcher Cara Lin said. "MrAnon Stealer steals its victims' credentials, system
Adobe'sΒ Patch Tuesday updateΒ for September 2023 comes with a patch for a critical actively exploited security flaw in Acrobat and Reader that could permit an attacker to execute malicious code on susceptible systems.
The vulnerability, tracked as CVE-2023-26369, is rated 7.8 for severity on the CVSS scoring system and impacts both Windows and macOS versions of Acrobat DC, Acrobat Reader DC,
E-commerce sites using Adobe's Magento 2 software are the target of an ongoing campaign that has been active since at least January 2023.
The attacks, dubbedΒ XurumΒ by Akamai, leverage a now-patched critical security flaw (CVE-2022-24086, CVSS score: 9.8) in Adobe Commerce and Magento Open Source that, if successfully exploited, could lead to arbitrary code execution.
"The attacker seems to be
Adobe has released a fresh round of updates to address an incomplete fix for a recently disclosed ColdFusion flaw that has come under active exploitation in the wild.
The critical shortcoming, tracked asΒ CVE-2023-38205Β (CVSS score: 7.5), has been described as an instance of improper access control that could result in a security bypass. It impacts the following versions:
ColdFusion 2023 (Update
Threat actors are actively exploiting a recently disclosed critical security flaw in the WooCommerce Payments WordPress plugin as part of a massive targeted campaign.
The flaw, tracked asΒ CVE-2023-28121Β (CVSS score: 9.8), is a case of authentication bypass that enables unauthenticated attackers to impersonate arbitrary users and perform some actions as the impersonated user, including an
Login
FreshRSS