GitHub comments abused to push malware via Microsoft repo URLs

Published on April 20, 2024

A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with a Microsoft repository, making the files appear trustworthy. [...]

Continue reading on website
Other news

Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack

April 20, 2024
Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors.The company described the vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), as "intricate" and a combination of two bugs in versions PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 of the software."In

Critical Forminator plugin flaw impacts over 300k WordPress sites

April 20, 2024
The Forminator WordPress plugin used in over 500,000 sites is vulnerable to a flaw that allows malicious actors to perform unrestricted file uploads to the server. [...]