Read Time:4 Second
Really interesting story of Sophos’s five-year war against Chinese hackers.
Daily Archives: November 4, 2024
Supply Chain Attack Uses Smart Contracts for C2 Ops
Read Time:6 Second
Checkmarx has observed a novel npm supply chain attack using Ethereum smart contracts to manage command-and-control (C2) operations
UK Council Sites Recover Following Russian DDoS Blitz
Read Time:5 Second
Several UK council websites are back online after being disrupted by Russian hacktivist DDoS attacks
firefox-132.0-2.fc39
Read Time:6 Second
FEDORA-2024-c4b84c1215
Packages in this update:
firefox-132.0-2.fc39
Update description:
New upstream build (132.0)
ZDI-CAN-25424: Hugging Face
Read Time:22 Second
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘The_Kernel_Panic’ was reported to the affected vendor on: 2024-11-04, 0 days ago. The vendor is given until 2025-03-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
ZDI-24-1452: Autodesk AutoCAD CATPART File Parsing Memory Corruption Remote Code Execution Vulnerability
Read Time:17 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-8592.