Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware

Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware

/in

A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited to deliver a Rust-based payload called KrustyLoader that’s used to drop the open-source Sliver adversary simulation tool.
The security vulnerabilities, tracked as CVE-2023-46805 (CVSS score: 8.2) and CVE-2024-21887 (CVSS score: 9.1), could be abused

The Hacker News – ​Read More

Critical Workspace Creation Flaw in GitLab Allows File OverwriteOnline Ransomware Decryptor Helps Recover Partially Encrypted Files