malicious code - Geek Feed

Nuclei flaw lets malicious templates bypass signature verification

January 5, 2025January 5, 2025 geekfeed0Tagged backdoors, CVE-2024-43405, exposed configuration files, malicious code, misconfigurations, Nuclei, ProjectDiscovery, vulnerability, Vulnerability Scanner, webshells

A now-fixed vulnerability in the open-source vulnerability scanner Nuclei could potentially allow attackers to bypass signature verification while sneaking malicious code into templates that execute on local systems. Nuclei is a popular open-source vulnerability scanner created by ProjectDiscovery that scans websites for vulnerabilities and other weaknesses. The project utilizes a template-based scanning system of over 10,000 […]

2 mins read

Hackers use macOS extended file attributes to hide malicious code

November 14, 2024November 14, 2024 geekfeed0Tagged apple, Evasion, Lazarus Group, macOS, malicious code, North Korea

Hackers are using a novel technique that abuses extended attributes for macOS files to deliver a new trojan that researchers call RustyAttr. The threat actor is hiding malicious code in custom file metadata and also uses decoy PDF documents to help evade detection. The new technique is similar to how the Bundlore adware in 2020 hid its […]

3 mins read