PHP_SELFish Part 2 – Reflected XSS in Easy Social Icons
Today’s post is part two of a two part blog post. It describes a cross site scripting vulnerability in the Easy Social Icons plugin that exploits the PHP_SELF variable. In…
Atlassian Confluence RCE Flaw Abused in Multiple Cyberattack Campaigns
Opportunistic threat actors have been found actively exploiting a recently disclosed critical security flaw in Atlassian Confluence deployments across Windows and Linux to deploy web shells that result in the…
FinSpy surveillance malware is now spreading through UEFI bootkits
The spyware had previously been associated with malicious installers and MBR bootkits. Read more from the Source
New BloodyStealer Trojan Steals Gamers’ Epic Games and Steam Accounts
A new advanced trojan sold on Russian-speaking underground forums comes with capabilities to steal users’ accounts on popular online video game distribution services, including Steam, Epic Games Store, and EA…