[HackerNews] India’s Koo, a Twitter-like Service, Found Vulnerable to Critical Worm Attacks

Koo, India’s homegrown Twitter clone, recently patched a serious security vulnerability that could have been exploited to execute arbitrary JavaScript code against hundreds of thousands of its users, spreading the attack across the platform.
The vulnerability involves a stored cross-site scripting flaw (also known as persistent XSS) in Koo’s web application that allows malicious scripts to be

Source: Read More (The Hacker News)

You might be interested in …

Daily NCSC-FI news followup 2019-12-31

Ghosts in the Clouds: Inside Chinas Major Corporate Hack www.wsj.com/articles/ghosts-in-the-clouds-inside-chinas-major-corporate-hack-11577729061 A Wall Street Journal investigation has found that the attack was much bigger than previously known. It goes far beyond the 14 unnamed companies listed in the indictment, stretching across at least a dozen cloud providers, including CGI Group Inc. Tieto Oyj, a major Finnish […]

Read More

[HackerNews] 13 New Flaws in Siemens Nucleus TCP/IP Stack Impact Safety-Critical Equipment

All posts, HackerNews

As many as 13 security vulnerabilities have been discovered in the Nucleus TCP/IP stack, a software library now maintained by Siemens and used in three billion operational technology and IoT devices that could allow for remote code execution, denial-of-service (DoS), and information leak. Collectively called “NUCLEUS:13,” successful attacks abusing the flaws can “result in devices […]

Read More

[BleepingComputer] The Week in Ransomware – July 9th 2021 – A flawed attack

This week’s news focuses on the aftermath of REvil’s ransomware attack on MSPs and customers using zero-day vulnerabilities in Kaseya VSA. The good news is that it has not been as disruptive as we initially feared. […] Source: Read More (BleepingComputer)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.