X41 D-Sec GmbH, a leading cybersecurity firm, has completed a white-box penetration test of the Mullvad VPN application, revealing several vulnerabilities, including one rated as “critical” and two rated as “high” severity.

The vulnerability arises when applications incorrectly rely on the order or content of keys presented to the PublicKeyCallback function. Attackers can exploit this by presenting multiple public keys or authenticating with a different key.

The issue has been addressed in curl version 8.11.1. Users are strongly advised to upgrade to this version or apply the provided patch and rebuild curl. As a workaround, avoid using .netrc files together with redirects.

After a decade-long silence since its last known activity in 2014, Careto is back with new, sophisticated attacks targeting high-profile organizations, including governments, diplomatic entities, and research institutions.

A significant increase in brute-force attacks targeting outdated and misconfigured Citrix NetScaler devices has been observed in Germany, prompting warnings from cybersecurity experts and organizations, including CERT Germany and the German BSI.

A newly discovered vulnerability in Apache Superset, a popular open-source business intelligence platform, could allow attackers to gain unauthorized write access to sensitive data.

These vulnerabilities, identified as CVE-2024-37143 and CVE-2024-37144, pose significant risks, ranging from remote code execution to information disclosure, with CVSS scores of 10.0 and 8.2, respectively.

To conceal their malicious intent, the attackers employed URL redirections via Google AMP and encoded parameters to create a complex trail. This multi-layered strategy not only bypassed SEGs but also complicated manual detection efforts.

Patchstack identified two critical flaws in the Woffice Core plugin, which is required for the theme’s functionality. This includes a privilege escalation vulnerability (CVE-2024-43153) and an unauthenticated account takeover (CVE-2024-43234).

The flaw, which involves the insecure handling of administrator credentials during deployment processes, exposes organizations to potential lateral movement attacks and broader network compromises.