Tag: 2024-06-27

6 Attack Reports | 120 Vulnerabilities

Attack reports

GrimResource - Microsoft Management Console for initial access and evasion

A novel, in-the-wild code execution technique leveraging Microsoft Management Console files (MSC) has been identified by Elastic Security researchers and was first spotted in the wild in June 2016 and is currently being investigated by VirusTotal.
cobalt strike
execution
vbscript
jscript
2024-06-27
msc file
mmc console
grimresource
console
pastaloader
windows script
Published: June 27, 2024
Downloadable IOCs: 3

Polyfill supply chain attack hits 100K+ sites

A malicious Chinese entity acquired control over the popular Polyfill JS open-source project and has been injecting malware into over 100,000 websites that embed the polyfill.io content delivery network. The malware redirects mobile users to a fraudulent sports betting site hosted on a domain imper…
malvertising
supply chain
2024-06-27
polyfill.js
redirection
Published: June 27, 2024
Downloadable IOCs: 7

New InnoSetup Malware Created Upon Each Download Attempt

A security intelligence report describing a new malware distribution technique where malicious code is dynamically generated for each download attempt, evading detection through unique hash values. The malware, termed 'InnoLoader', disguises itself as legitimate software installers, executing a com…
obfuscation
2024-06-27
stealc
lu0bot
dga
innosetup
multistagepayload
Published: June 27, 2024
Downloadable IOCs: 32

DBatLoader Distributed via CMD Files

A cybersecurity analysis has identified a malicious operation involving the distribution of a downloader, dubbed DBatLoader or ModiLoader, through CMD files disguised as innocuous files. The campaign leverages phishing emails containing compressed CMD files that, when executed on English-language W…
stealthy
obfuscation
phishing
2024-06-27
downloader
dbatloader
modiloader
Published: June 27, 2024
Downloadable IOCs: 0

From Dormant to Dangerous: P2Pinfect Evolves to Deploy New Ransomware and Cryptominer

P2Pinfect is a sophisticated malware that utilizes a peer-to-peer botnet for command and control. Initially appearing dormant, it has evolved to deploy ransomware and cryptominer payloads. The malware spreads via exploiting Redis and limited SSH capabilities. A recent update introduced a new ransom…
ransomware
rootkit
worm
cryptominer
2024-06-27
p2pinfect
rsagen
Published: June 27, 2024
Downloadable IOCs: 15

Malicious npm package targets AWS users

ReversingLabs' researchers discovered a malicious package named legacyreact-aws-s3-typescript on the npm repository. It mimicked a popular legitimate package, react-aws-s3-typescript, designed to facilitate file uploads to Amazon S3 Buckets. Initially, the package appeared benign, but a later versi…
backdoor
supply-chain
2024-06-27
npm
aws
Published: June 27, 2024
Downloadable IOCs: 3
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-2973

10.0
    Juniper Networks Session Smart Router
    Juniper Networks Session Smart Conductor
    Juniper Networks WAN Assurance Router
Published: June 27, 2024

CVE-2024-3330

9.9
    Spotfire Analyst
    Spotfire Server
    Spotfire for AWS Marketplace
Published: June 27, 2024

CVE-2024-0947

9.8
    Elektraweb
Published: June 27, 2024

CVE-2024-0949

9.8
    Elektraweb
Published: June 27, 2024

CVE-2024-5751

9.8
    litellm
Published: June 27, 2024

CVE-2024-5826

9.8
    vanna-ai/vanna
Published: June 27, 2024

CVE-2024-6127

9.8
    BC Security Empire
Published: June 27, 2024

CVE-2024-5655

9.6
    GitLab CE/EE
Published: June 27, 2024

CVE-2024-5980

9.1
    pytorch-lightning
Published: June 27, 2024

CVE-2024-6054

8.8
    Auto Featured Image plugin for WordPress
Published: June 27, 2024

CVE-2024-1107

8.8
    Talya Informatics Travel APPS
Published: June 27, 2024

CVE-2024-4901

8.7
    GitLab CE/EE
Published: June 27, 2024

CVE-2024-5885

8.6
    quivr
Published: June 27, 2024

CVE-2024-6085

8.6
    lollms package
Published: June 27, 2024

CVE-2023-30997

8.4
    IBM Security Access Manager Docker
Published: June 27, 2024

CVE-2023-30998

8.4
    IBM Security Access Manager Docker
Published: June 27, 2024

CVE-2024-4578

8.4
    Arista Wireless Access Points
Published: June 27, 2024

CVE-2024-35260

8.0
    Microsoft Dataverse
Published: June 27, 2024

CVE-2024-22232

7.7
    SaltStack
Published: June 27, 2024

CVE-2024-5820

7.6
    UNKNOWN
Published: June 27, 2024

CVE-2024-6323

7.5
    GitLab EE
Published: June 27, 2024

CVE-2024-31916

7.5
    IBM OpenBMC
Published: June 27, 2024

CVE-2024-5334

7.5
    GitHub repository stitionai/devika
Published: June 27, 2024

CVE-2024-5547

7.5
    GitHub repository stitionai/devika
Published: June 27, 2024

CVE-2024-5548

7.5
    GitHub repository stitionai/devika
Published: June 27, 2024

CVE-2023-38370

7.5
    IBM Security Access Manager Docker
Published: June 27, 2024

CVE-2024-3043

7.5
    Zigbee
Published: June 27, 2024

CVE-2024-5979

7.5
    h2o-3
Published: June 27, 2024

CVE-2024-6038

7.5
    gaizhenbiao/chuanhuchatgpt
Published: June 27, 2024

CVE-2024-6090

7.5
    gaizhenbiao/chuanhuchatgpt
Published: June 27, 2024

CVE-2024-6250

7.5
    parisneo/lollms-webui
Published: June 27, 2024

CVE-2024-38523

7.5
    Hush Line
Published: June 27, 2024

CVE-2024-5714

7.4
    lunary-ai/lunary
Published: June 27, 2024

CVE-2024-5824

7.4
    parisneo/lollms
Published: June 27, 2024

CVE-2024-6371

7.3
    Pool of Bethesda Online Reservation System
Published: June 27, 2024

CVE-2024-6373

7.3
    itsourcecode Online Food Ordering System
Published: June 27, 2024

CVE-2024-5822

7.3
    gaizhenbiao/ChuanhuChatGPT
Published: June 27, 2024

CVE-2024-6139

7.3
    parisneo/lollms
Published: June 27, 2024

CVE-2024-5430

6.8
    GitLab CE/EE
Published: June 27, 2024

CVE-2024-3331

6.8
    Spotfire Enterprise Runtime for R - Server Edition
    Spotfire Statistics Services
    Spotfire Analyst
    Spotfire Desktop
    Spotfire Server
Published: June 27, 2024

CVE-2024-22260

6.8
    VMware Workspace One UEM
Published: June 27, 2024

CVE-2024-1493

6.5
    GitLab CE/EE
Published: June 27, 2024

CVE-2024-3959

6.5
    GitLab CE/EE
Published: June 27, 2024

CVE-2024-4557

6.5
    GitLab CE/EE
Published: June 27, 2024

CVE-2024-3017

6.5
    OpenThread Border Router
Published: June 27, 2024

CVE-2024-5289

6.4
    Gutenberg Blocks with AI by Kadence WP - Page Builder Features plugin for WordPress
Published: June 27, 2024

CVE-2024-4569

6.4
    Elementor Addon Elements plugin for WordPress
Published: June 27, 2024

CVE-2024-4570

6.4
    Elementor Addon Elements plugin for WordPress
Published: June 27, 2024

CVE-2024-5601

6.4
    Create by Mediavine plugin for WordPress
Published: June 27, 2024

CVE-2024-4983

6.4
    The Plus Addons for Elementor
Published: June 27, 2024

CVE-2024-6262

6.4
    Portfolio Gallery - Image Gallery Plugin plugin for WordPress
Published: June 27, 2024

CVE-2024-6372

6.3
    Tailoring Management System
Published: June 27, 2024

CVE-2023-30430

6.2
    IBM Security Verify Access
Published: June 27, 2024

CVE-2023-38368

6.2
    IBM Security Access Manager Docker
Published: June 27, 2024

CVE-2024-5933

6.1
    UNKNOWN
Published: June 27, 2024

CVE-2024-6388

5.9
    Ubuntu Advantage Desktop Daemon
Published: June 27, 2024

CVE-2023-38371

5.9
    IBM Security Access Manager Docker
Published: June 27, 2024

CVE-2024-6283

5.4
    DethemeKit For Elementor plugin for WordPress
Published: June 27, 2024

CVE-2023-42014

5.4
    IBM Sterling B2B Integrator Standard Edition
Published: June 27, 2024

CVE-2024-5935

5.4
    imartinez/privategpt
Published: June 27, 2024

CVE-2024-1816

5.3
    GitLab CE/EE
Published: June 27, 2024

CVE-2024-2191

5.3
    GitLab CE/EE
Published: June 27, 2024

CVE-2024-31883

5.3
    IBM Security Verify Access
Published: June 27, 2024

CVE-2024-5710

5.3
    berriai/litellm
Published: June 27, 2024

CVE-2024-5755

5.3
    lunary-ai/lunary
Published: June 27, 2024

CVE-2024-6086

5.3
    lunary-ai/lunary
Published: June 27, 2024

CVE-2024-22276

5.3
    VMware Cloud Director Object Storage Extension
Published: June 27, 2024

CVE-2024-22231

5.0
    Salt
Published: June 27, 2024

CVE-2024-22272

4.9
    VMware Cloud Director
Published: June 27, 2024

CVE-2024-35153

4.8
    IBM WebSphere Application Server
Published: June 27, 2024

CVE-2024-3115

4.3
    GitLab EE
Published: June 27, 2024

CVE-2024-1153

4.3
    Talya Informatics Travel APPS
Published: June 27, 2024

CVE-2023-42011

4.3
    IBM Sterling B2B Integrator Standard Edition
Published: June 27, 2024

CVE-2024-5936

4.3
    imartinez/privategpt
Published: June 27, 2024

CVE-2024-6367

3.5
    LabVantage LIMS
Published: June 27, 2024

CVE-2024-6368

3.5
    LabVantage LIMS
Published: June 27, 2024

CVE-2024-6369

3.5
    LabVantage LIMS
Published: June 27, 2024

CVE-2024-6370

3.5
    LabVantage LIMS
Published: June 27, 2024

CVE-2024-6374

3.5
    lahirudanushka School Management System
Published: June 27, 2024

CVE-2024-4011

3.1
    GitLab CE/EE
Published: June 27, 2024

CVE-2024-1330

None
    kadence-blocks-pro WordPress plugin
Published: June 27, 2024

CVE-2024-3111

None
    Interactive Content WordPress plugin
Published: June 27, 2024

CVE-2024-4664

None
    WP Chat App WordPress plugin
Published: June 27, 2024

CVE-2024-4704

None
    Contact Form 7 WordPress plugin
Published: June 27, 2024

CVE-2023-7270

None
    SoftMaker Office
    FreeOffice 2021
Published: June 27, 2024

CVE-2024-5535

None
    OpenSSL
Published: June 27, 2024

CVE-2024-38515

None
    UNKNOWN
Published: June 27, 2024

CVE-2024-39153

None
    idccms
Published: June 27, 2024

CVE-2024-39154

None
    idccms
Published: June 27, 2024

CVE-2024-39155

None
    idccms
Published: June 27, 2024

CVE-2024-39156

None
    idccms
Published: June 27, 2024

CVE-2024-39157

None
    idccms
Published: June 27, 2024

CVE-2024-39158

None
    idccms
Published: June 27, 2024

CVE-2024-28820

None
    openvpn-auth-ldap
Published: June 27, 2024

CVE-2024-39373

None
    TELSAT marKoni FM Transmitters
Published: June 27, 2024

CVE-2024-39374

None
    TELSAT marKoni FM Transmitters
Published: June 27, 2024

CVE-2024-39375

None
    TELSAT marKoni FM Transmitters
Published: June 27, 2024

CVE-2024-39376

None
    TELSAT marKoni FM Transmitters
Published: June 27, 2024

CVE-2024-39669

None
    Soffid IAM
Published: June 27, 2024

CVE-2024-24792

None
    Go programming language
Published: June 27, 2024

CVE-2024-2882

None
    UNKNOWN
Published: June 27, 2024

CVE-2024-31802

None
    DESIGNA ABACUS
Published: June 27, 2024

CVE-2024-39129

None
    DumpTS
Published: June 27, 2024

CVE-2024-39130

None
    DumpTS
Published: June 27, 2024

CVE-2024-39133

None
    zziplib
Published: June 27, 2024

CVE-2024-39207

None
    lua-shmem
Published: June 27, 2024

CVE-2024-39208

None
    luci-app-lucky
Published: June 27, 2024

CVE-2024-36072

None
    Netwrix CoSoSys Endpoint Protector
    CoSoSys Unify
Published: June 27, 2024

CVE-2024-36073

None
    Netwrix CoSoSys Endpoint Protector
    CoSoSys Unify
Published: June 27, 2024

CVE-2024-36074

None
    Netwrix CoSoSys Endpoint Protector
    CoSoSys Unify
Published: June 27, 2024

CVE-2024-36075

None
    CoSoSys Unify
    CoSoSys Endpoint Protector
Published: June 27, 2024

CVE-2024-36755

None
    D-Link DIR-1950
Published: June 27, 2024

CVE-2024-39132

None
    DumpTS
Published: June 27, 2024

CVE-2024-39134

None
    zziplib
Published: June 27, 2024

CVE-2024-39209

None
    UNKNOWN
Published: June 27, 2024

CVE-2024-5642

None
    CPython
Published: June 27, 2024

CVE-2023-52892

None
    phpseclib
Published: June 27, 2024

CVE-2024-36059

None
    Kalkitech ASE ASE61850 IEDSmart
Published: June 27, 2024

CVE-2024-39705

None
    NLTK
Published: June 27, 2024

CVE-2024-4395

None
    Jamf Compliance Editor
Published: June 27, 2024
Click here to see more Vulnerabilities