Top CyberNews November 2021 – Week 2

November 10 2021

A backdoor, a critical vulnerability, and a new zero-day vulnerability. It seems the cyber threats are taking a ride for the second week of november 2021

 

Two NPM Packages With 22 Million Weekly Downloads Found Backdoored

After gaining unauthorised access to the respective developer’s accounts, packages with nearly 22 million weekly downloads were discovered to be compromised with malicious code.

The two libraries in question are “coa,” a command-line option parser, and “rc,” a configuration loader, both of which were tampered with by an unidentified threat actor to include “identical” password-stealing malware.

After gaining unauthorised access to the respective developer's accounts, packages with nearly 22 million weekly downloads were discovered to be compromised with malicious code.
22 million weekly downloads were compromised

Users of coa versions beginning with 2.0.3 and higher — 2.0.3, 2.0.4, 2.1.1, 2.1.3, 3.0.1, and 3.1.3 — are advised to downgrade to a lower version.

Critical RCE Vulnerability Reported in Linux Kernel’s TIPC Module

Researchers in cybersecurity have discovered a security flaw in the Linux kernel’s Transparent Inter-Process Communication (TIPC) module, which could be exploited both locally and remotely to execute arbitrary code within the kernel and take control of vulnerable machines.

Researchers in cybersecurity have discovered a security flaw in the Linux kernel's Transparent Inter-Process Communication (TIPC) module, which could be exploited both locally and remotely to execute arbitrary code within the kernel and take control of vulnerable machines.
Critical RCE Vulnerability in Linux Kernel’s TIPC Module

The heap overflow vulnerability tracked as CVE-2021-43267 (CVSS score: 9.8) “can be exploited locally or remotely within a network to gain kernel privileges, and would allow an attacker to compromise the entire system,” cybersecurity firm SentinelOne said in a report published today and shared with The Hacker News.

Google Warns of New Android 0-Day Vulnerability Under Active Targeted Attacks

Google has released its monthly Android security patches, including fixes for 39 flaws, including a zero-day vulnerability that the company claims is being actively exploited in the wild in limited, targeted attacks.

Google Warns of New Android 0-Day Vulnerability Under Active Targeted Attacks
New Android 0-Day Vulnerability

The zero-day bug, identified as CVE-2021-1048, is described as a use-after-free vulnerability in the kernel that can be exploited for local privilege escalation. Use-after-free issues are dangerous because they allow a threat actor to access or refer to memory after it has been freed, resulting in a “write-what-where” condition that allows a threat actor to execute arbitrary code to gain control of a victim’s system.

Get the latest news on cybersecurity

Previous Post Next Post

Leave a Comment