Zyxel, has released patches for a critical security flaw in its firewall devices. The flaw, known as CVE-2023-28771 and rated 9.8 on the CVSS scoring system, could be exploited by an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to affected device. The impacted products include ATP, USG FLEX, VPN, and …
The Malawi Computer Emergency Response Team (Malawi CERT) warns of an actively exploited vulnerability in the Chrome web browser, tracked as CVE-2023-2033. This vulnerability poses a high-severity risk and has been described as a type confusion issue in the V8 JavaScript engine. The vulnerability could potentially allow cybercriminals to access your vulnerable system. To address …
The Malawi Computer Emergency Response Team (Malawi CERT) warns of a vulnerability reported by HP concerning certain LaserJet printer models. The vulnerability, identified as CVE-2023-1707 and assigned a critical severity score of 9.1, could result in the disclosure of sensitive information. It affects specific HP Enterprise LaserJet and HP LaserJet Managed Printers that have IPsec …
The Malawi Computer Emergency Response Team (Malawi CERT) cautions against a concerning cybersecurity trend where malicious browser add-on extensions are being used to steal personal data from unsuspecting users. A recent example is the fake ChatGPT-branded Chrome browser extension, identified as a tool used by cybercriminals to hijack Facebook accounts and compromise users’ personal information. …
The Malawi Computer Emergency Response Team (Malawi CERT) is urging people to exercise caution when using Python libraries, especially those available on the PyPI repository. The warning follows the discovery by ReversingLabs of 41 malicious Python packages that are posing as legitimate modules on PyPI. The Malawi CERT is advising users to verify package integrity …
Trojanized PyPI Packages Mimicking Popular Libraries Read More »
The Malawi Computer Emergency Response Team is reminding individuals and businesses to stay up to date with the latest software and security updates. One such update that should not be ignored is the January 2023 patch from Microsoft. This patch addresses 98 vulnerabilities in the Windows operating system, including those that could potentially be exploited …