SOCRadar® Extended Threat Intelligence’s Post

🚨 Critical Firefox Vulnerability Under Active Attack: Update Now! 🚨 Mozilla has just released an urgent security update to patch a critical vulnerability (CVE-2024-9680) actively being exploited in the wild. This flaw, a use-after-free bug in the Animation timeline component, allows attackers to execute malicious code in Firefox’s content process. 🔒 What You Need to Do: Update to the latest versions immediately if you are using: Firefox 131.0.2 Firefox ESR 128.3.1 Firefox ESR 115.16.1 No specifics on the attack methods or the threat actors have been released yet, but protecting your browser now is critical. 📢 Spread the word! Cybersecurity starts with staying informed and proactive. #CyberSecurity #Firefox #UpdateNow #Mozilla #DataProtection #hacking

🚨 Critical Firefox Vulnerability Under Active Attack: Update Now! 🚨 Mozilla has just released an urgent security update to patch a critical vulnerability (CVE-2024-9680) actively being exploited in the wild. This flaw, a use-after-free bug in the Animation timeline component, allows attackers to execute malicious code in Firefox’s content process. 🔒 What You Need to Do: Update to the latest versions immediately if you are using: Firefox 131.0.2 Firefox ESR 128.3.1 Firefox ESR 115.16.1 No specifics on the attack methods or the threat actors have been released yet, but protecting your browser now is critical. 📢 Spread the word! Cybersecurity starts with staying informed and proactive. #CyberSecurity #Firefox #UpdateNow #Mozilla #DataProtection #hacking

💻🎮 Vulnerability Discovery: Stored XSS in a Popular Steam Game! 🎮💻 I’m thrilled to share that I recently uncovered a Stored XSS vulnerability in a widely popular game on Steam! 🔥 While exploring the game’s community features, I found a security flaw that could allow malicious actors to inject persistent scripts, potentially putting players' accounts and data at risk. After a responsible disclosure, the developers were quick to acknowledge the issue, and I received a great appreciation for contributing to their security posture. 🛡️ A huge shoutout to the development team for their prompt response and their commitment to keeping the gaming community safe! 🕹️🙏 This experience highlights the importance of security awareness, even in platforms and environments we use for entertainment. 🎯 #Cybersecurity #Steam #VulnerabilityDiscovery #XSS #EthicalHacking #GamingSecurity #BugBounty #Infosec #AppSec

⚠️ Firefox Zero-Day Under Attack: Update Your Browser Immediately A critical #vulnerability (CVE-2024-9680) in Firefox is being actively exploited. #Mozilla has revealed that a critical security flaw impacting Firefox and #Firefox Extended Support Release (ESR) has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-9680, has been described as a use-after-free bug in the Animation timeline component. Read more: https://lnkd.in/gkJ8qtvh #riskmanagement #ThreatManagement #infosec #cybersecurity #vulnerabilities #cyberdefense

📌 Using Legitimate GitHub URLs for Malware 🌐 https://lnkd.in/enBiqzHA #Pentesting #Hacking #Hacker #OffensiveSecurity #Pentest #RedTeam #BugBounty #Vulnerability #Testing #devsecops #OffensiveOperations #window_internals #PenetrationTesting #exploit #blueteam #infosec #cybersecurity #informationsecurity #security

"Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-9680, has been described as a use-after-free bug in the Animation timeline component." #Mozilla #Firefox #FirefoxESR #CVE #vulnerability #ZeroDay #CyberAttack #CyberSecurity https://lnkd.in/eJy6aeS6

Firefox Zero-Day Under Attack: Update Your Browser Immediately https://lnkd.in/gkJ8qtvh #Infosec #Security #Cybersecurity #CeptBiro #Firefox #ZeroDay #UpdateYourBrowser

Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028): For nearly four years and perhaps even longer, Forest Blizzard (aka Fancy Bear, aka APT28) has been using a custom tool that exploits a specific vulnerability in Windows Print Spooler service (CVE-2022-38028). Dubbed GooseEgg, the tool is a launcher application that can spawn other applications with SYSTEM-level permissions, thus helping the hackers to perform remote code execution, install backdoors, steal credentials, and more. “Microsoft has observed Forest Blizzard using GooseEgg as part of post-compromise activities … More → The post Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028) appeared first on Help Net Security. #HelpNetSecurity #Cybersecurity

🚨 Critical Firefox Vulnerability Exploited in the Wild 🚨 At Art of Cyber Security, we prioritize keeping businesses protected from emerging threats. Mozilla has issued a warning about an actively exploited zero-day vulnerability in Firefox (CVE-2024-9680), rated 9.8/10. This flaw allows attackers to execute malicious code through compromised animation timelines. If your company uses Firefox, it’s crucial to update immediately to the latest versions (131.0.2 or ESR variants). Stay secure by ensuring your systems are always patched. Need assistance managing vulnerabilities? Reach out to our experts today! #CyberSecurity #ZeroDay #FirefoxVulnerability

A major zero-day security hole known as CVE-2024-9680, has shown up in Firefox putting 178 million users around the globe at risk. This dangerous bug tagged as a use-after-free problem in Animation timelines, lets hackers run any code they want without the user doing anything. With a CVSSv3 rating of 9.8 out of 10, users need to act fast. Mozilla has released fixes for the impacted versions—Firefox 131.0.2, Firefox ESR 128.3.1, and Firefox ESR 115.16.1—to guard against possible attacks. Security agencies from the Netherlands Canada, and Italy have also sounded the alarm pushing for quick action to secure systems. As cyber threats keep changing, keeping software current is key to protect important data. When did you last check your Firefox version? Let's talk: How does your company make sure software stays up to date? Tell us your ideas below! #Cybersecurity #Firefox #Vulnerability #UpdateNow #CVE2024 #DataProtection