Introduction Today’s diary reviews German malicious spam (malspam) from Tuesday 2020-04-07 pushing ZLoader malware. Also known as Terdot or DELoader, ZLoader is the latest version or variant from this family of malware that has been active for years. Shown above: Flow chart for this infection chain. The malspam I found two emails that contained zip …
Read more “German malspam pushes ZLoader malware, (Wed, Apr 8th)”
Introduction Today’s diary reviews German malicious spam (malspam) from Tuesday 2020-04-07 pushing ZLoader malware. Also known as Terdot or DELoader, ZLoader is the latest version or variant from this family of malware that has been active for years. Shown above: Flow chart for this infection chain. The malspam I found two emails that contained zip …
Read more “German malspam pushes ZLoader malware, (Wed, Apr 8th)”
Introduction Today’s diary reviews German malicious spam (malspam) from Tuesday 2020-04-07 pushing ZLoader malware. Also known as Terdot or DELoader, ZLoader is the latest version or variant from this family of malware that has been active for years. Shown above: Flow chart for this infection chain. The malspam I found two emails that contained zip …
Read more “German malspam pushes ZLoader malware, (Wed, Apr 8th)”
Introduction Today’s diary reviews German malicious spam (malspam) from Tuesday 2020-04-07 pushing ZLoader malware. Also known as Terdot or DELoader, ZLoader is the latest version or variant from this family of malware that has been active for years. Shown above: Flow chart for this infection chain. The malspam I found two emails that contained zip …
Read more “German malspam pushes ZLoader malware, (Wed, Apr 8th)”
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).
An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for WordPress allows remote attackers to upload page templates containing arbitrary JavaScript via the c37_wpl_import_template admin-post action (which will execute in an administrator’s browser if the template is used to create a page).
An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for WordPress allows remote attackers to upload page templates containing arbitrary JavaScript via the c37_wpl_import_template admin-post action (which will execute in an administrator’s browser if the template is used to create a page).
An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for WordPress allows remote attackers to upload page templates containing arbitrary JavaScript via the c37_wpl_import_template admin-post action (which will execute in an administrator’s browser if the template is used to create a page).
An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for WordPress allows remote attackers to upload page templates containing arbitrary JavaScript via the c37_wpl_import_template admin-post action (which will execute in an administrator’s browser if the template is used to create a page).