#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
AI Security

Code Execution | Breaking Cybersecurity News | The Hacker News

Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines

Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines

May 16, 2024 Ransomware / Internet of Things
Security researchers have disclosed almost a dozen security flaws impacting the GE HealthCare Vivid Ultrasound product family that could be exploited by malicious actors to tamper with patient data and even install ransomware under certain circumstances. "The impacts enabled by these flaws are manifold: from the implant of ransomware on the ultrasound machine to the access and manipulation of patient data stored on the vulnerable devices," operational technology (OT) security vendor Nozomi Networks  said  in a technical report. The security issues impact the Vivid T9 ultrasound system and its pre-installed Common Service Desktop web application, which is exposed on the localhost interface of the device and allows users to perform administrative actions. They also affect another software program called EchoPAC that's installed on a doctor's Windows workstation to help them access multi-dimensional echo, vascular, and abdominal ultrasound images. That being said, s
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw

Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw

May 02, 2024 Vulnerability / Android
Several popular Android applications available in Google Play Store are susceptible to a path traversal-affiliated vulnerability codenamed the Dirty Stream attack that could be exploited by a malicious app to overwrite arbitrary files in the vulnerable app's home directory. "The implications of this vulnerability pattern include arbitrary code execution and token theft, depending on an application's implementation," Dimitrios Valsamaras of the Microsoft Threat Intelligence team  said  in a report published Wednesday. Successful exploitation could allow an attacker to take full control of the application's behavior and leverage the stolen tokens to gain unauthorized access to the victim's online accounts and other data. Two of the apps that were found vulnerable to the problem are as follows - Xiaomi File Manager (com.mi. Android.globalFileexplorer) - Over 1 billion installs WPS Office (cn.wps.moffice_eng) - Over 500 million installs While Android implem
HUMINT: Diving Deep into the Dark Web

HUMINT: Diving Deep into the Dark Web

Jul 09, 2024Cybercrime / Dark Web
Discover how cybercriminals behave in Dark Web forums- what services they buy and sell, what motivates them, and even how they scam each other. Clear Web vs. Deep Web vs. Dark Web Threat intelligence professionals divide the internet into three main components: Clear Web - Web assets that can be viewed through public search engines, including media, blogs, and other pages and sites. Deep Web - Websites and forums that are unindexed by search engines. For example, webmail, online banking, corporate intranets, walled gardens, etc. Some of the hacker forums exist in the Deep Web, requiring credentials to enter. Dark Web - Web sources that require specific software to gain access. These sources are anonymous and closed, and include Telegram groups and invite-only forums. The Dark Web contains Tor, P2P, hacker forums, criminal marketplaces, etc. According to Etay Maor, Chief Security Strategist at Cato Networks , "We've been seeing a shift in how criminals communicate and co
New R Programming Vulnerability Exposes Projects to Supply Chain Attacks

New R Programming Vulnerability Exposes Projects to Supply Chain Attacks

Apr 29, 2024 Programming / Supply Chain
A security vulnerability has been discovered in the R programming language that could be exploited by a threat actor to create a malicious RDS (R Data Serialization) file such that it results in code execution when loaded and referenced. The flaw, assigned the CVE identifier CVE-2024-27322 (CVSS score: 8.8), "involves the use of promise objects and lazy evaluation in R," AI application security company HiddenLayer said in a report shared with The Hacker News. RDS,  like pickle in Python , is a format used to serialize and save the state of data structures or objects in R, an open-source programming language used in statistical computing, data visualization, and machine learning. This process of serialization – serialize() or saveRDS() – and deserialization – unserialize() and readRDS() – is also leveraged when saving and loading R packages. The root cause behind CVE-2024-27322 lies in the fact that it could lead to arbitrary code execution when deserializing untrusted
cyber security

Top 4 Security Risks of GenAI

websiteWizGenAI Security / Technology
Gain a competitive edge and unlock the top 4 major emerging risks within GenAI. This report from Gartner provides insights and recommended actions for security and product leaders.
WordPress Releases Update 6.4.2 to Address Critical Remote Attack Vulnerability

WordPress Releases Update 6.4.2 to Address Critical Remote Attack Vulnerability

Dec 08, 2023 Vulnerability / Website Security
WordPress has released version 6.4.2 with a patch for a critical security flaw that could be exploited by threat actors by combining it with another bug to execute arbitrary PHP code on vulnerable sites. "A remote code execution vulnerability that is not directly exploitable in core; however, the security team feels that there is a potential for high severity when combined with some plugins, especially in multisite installations," WordPress  said . According to WordPress security company Wordfence, the  issue  is rooted in the WP_HTML_Token class that was introduced in version 6.4 to improve HTML parsing in the block editor. A threat actor with the ability to exploit a PHP object injection vulnerability present in any other plugin or theme to chain the two issues to execute arbitrary code and seize control of the targeted site. "If a  POP [property-oriented programming] chain  is present via an additional plugin or theme installed on the target system, it could all
PyPI Python Package Repository Patches Critical Supply Chain Flaw

PyPI Python Package Repository Patches Critical Supply Chain Flaw

Aug 02, 2021
The maintainers of Python Package Index (PyPI) last week issued fixes for three vulnerabilities, one among which could be abused to achieve arbitrary code execution and take full control of the official third-party software repository. The security weaknesses were  discovered  and reported by Japanese security researcher RyotaK, who in the past has disclosed critical vulnerabilities in the  Homebrew Cask repository  and Cloudflare's  CDNJS library . He was awarded a total of $3,000 as part of the bug bounty program. The list of three vulnerabilities is as follows - Vulnerability in Legacy Document Deletion on PyPI  - An exploitable vulnerability in the mechanisms for deleting legacy documentation hosting deployment tooling on PyPI, which would allow an attacker to remove documentation for projects not under their control. Vulnerability in Role Deletion on PyPI  - An exploitable vulnerability in the mechanisms for deleting roles on PyPI was discovered by a security researcher
Critical Flaws Reported in Etherpad — a Popular Google Docs Alternative

Critical Flaws Reported in Etherpad — a Popular Google Docs Alternative

Jul 13, 2021
Cybersecurity researchers have disclosed new security vulnerabilities in the Etherpad text editor (version 1.8.13) that could potentially enable attackers to hijack administrator accounts, execute system commands, and even steal sensitive documents. The two flaws — tracked as CVE-2021-34816 and CVE-2021-34817 — were discovered and reported on June 4 by researchers from SonarSource, following which patches have been shipped for the latter in  version 1.8.14  of Etherpad released on July 4. Etherpad is a real-time collaborative interface that enables a document to be edited simultaneously by multiple authors. It is an open-source alternative to Google Docs that can be self-hosted or used through one of the many third-party public instances available. "The XSS vulnerability allows attackers to take over Etherpad users, including admins. This can be used to steal or manipulate sensitive data," SonarSource vulnerability researcher Paul Gerste  said  in a report shared with T
Expert Insights
Cybersecurity Resources