Tag: vulnerability


D’oh! Another Apache Struts 2 vulnerability!

Upgrade now, some attacks are already in progress! Another serious vulnerability was discovered in Apache Struts 2. Affected versions Apache Struts 2.3.5–2.3.31 Apache Struts 2.5–2.5.10 The vulnerability The vulnerability (CVE-2017–5638), firstly reported by the security researcher Nike Zheng, is a remote code execution bug that affects the Jakarta Multipart parser in Apache Struts, as reported […]


A new infection vector for ransomware: malicious SVG images via Facebook Messenger

The campaign spreads the Nemucod downloader If you receive any Facebook Message with an .SVG image file, just avoid clicking it: a malicious campaign is spreading a ransomware downloader (Nemucod) among Facebook users by taking advantage of innocent-looking SVG image file to infect computers. The campaign was discovered by malware researchers Bart Blazen and Peter Kruse, […]


A bug in Apple’s WebView allow an attacker to initiate phone calls without user confirm

Twitter and LinkedIn iOS apps are vulnerable! The security researcher Collin Mulliner has discovered an exploitable vulnerability in Apple’s WebView that could allow phone calls to a number of the attacker’s choosing. iOS WebViews can be used to automatically call an attacker controlled phone number. The attack can block the phone’s UI for a short […]