Alerts

SonicWall has revealed that two security flaws impacting its SMA100 Secure Mobile Access appliances have been exploited

EXPLOIT: These flaws were exploited via the following CVEs: CVE-2023-44221 (CVSS score: 7.2) – Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a ‘nobody’ user, potentially leading to an OS command injection vulnerability. CVE-2024-38475 (CVSS score: 9.8) […]


Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach

BACKGROUND: Enterprise data backup platform Commvault has revealed that an unknown nation-state threat actor breached its Microsoft Azure environment by exploiting CVE-2025-3928 but emphasized there is no evidence of unauthorized data access. RECOMMENDATION: To mitigate the risk posed by such attacks, clients are advised to apply a Conditional Access policy to all Microsoft 365, Dynamics


Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers

BACKGROUND: Researchers have shed light on a new campaign targeting WordPress sites that disguises the malware as a security plugin. The plugin, which goes by the name “WP-antymalwary-bot.php,” comes with a variety of features to maintain access, hide itself from the admin dashboard, and execute remote code. “Pinging functionality that can report back to a


WooCommerce admins targeted by fake security patches that hijack sites

BACKGROUND: Once installed and activated, it provides threat actors administrator access to the dashboard and makes use of the REST API to facilitate remote code execution by injecting malicious PHP code into the site theme’s header file or clearing the caches of popular caching plugins. A new iteration of the malware includes notable changes to


Cisco’s Decade-Old ASA WebVPN Vulnerability being Exploited by Attacker

The Malawi Computer Emergency Response Team warns Cisco customers of active exploitation of a decade-old security flaw impacting its Adaptive Security Appliance (ASA). The vulnerability, tracked as CVE-2014-2120 (CVSS score: 4.3), concerns a case of insufficient input validation in ASA’s WebVPN login page that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS)


Malware Locks Browser in Kiosk Mode to Steal Google Credentials

Malawi CERT advises Google services users about malware that uses the unusual method of locking users in their browser’s kiosk mode to annoy them into entering their Google credentials, which are then stolen by information-stealing malware. Specifically, the malware “locks” the user’s browser on Google’s login page with no obvious way to close


Telegram App Flaw Exploited to Spread Malware Hidden in Videos

Malawi CERT warns that a zero-day security flaw in Telegram’s mobile app for Android, called EvilVideo, made it possible for attackers to share malicious files disguised as harmless-looking videos. “Attackers could share malicious Android payloads via Telegram channels, groups, and chat, and make them appear as multimedia files,” a security researcher said in a report. It’s


New ‘Cuckoo’ Persistent macOS Spyware Targeting Intel and Arm Macs

Malawi CERT warns about a new information stealer targeting Apple macOS systems that’s designed to set up persistence on the infected hosts and act as spyware. Hackers are using a new Mac malware to launch attacks against both newer Macs running Apple Silicon as well as older Intel-based Macs. Cuckoo, like the MacStealer macOS


Beware of “I can’t believe he is gone” Facebook phishing posts

The Malawi Computer Emergency Response Team (Malawi CERT) warns about a widespread Facebook phishing campaign in which posts stating, “I can’t believe he is gone. I’m gonna miss him so much,” lead unsuspecting users to a website that steals their Facebook credentials. The Facebook phishing posts come in two forms, with one simply stating, “I can’t believe he is

