Latest cybersecurity news from CISA, Krebs on Security, and other trusted sources
YARA-X's 1.14.0 release brings 4 improvements and 2 bugfixes.
[This is a Guest Diary by Joseph Gruen, an ISC intern as part of the SANS.edu BACS program]
And another XWorm[1] wave in the wild! This malware family is not new and is heavily spread, but delivery techniques always evolve and deserve to be described to show you how threat actors can be imaginative! This time, we are facing another piece of multi-technology malware.
CrushFTP is a Java-based open source file transfer system. It is offered for multiple operating systems. If you run a CrushFTP instance, you may remember that the software has had some serious vulnerabilities: CVE-2024-4040 (the template-injection flaw that let unauthenticated attackers escape the VFS sandbox and achieve RCE), CVE-2025-31161 (the auth-bypass that handed over the crushadmin account on a silver platter), and the July 2025 zero-day CVE-2025-54309 that was actively exploited in the wild.
In diary entry "Quick Howto: Extract URLs from RTF files" I mentioned ZIP files.
Wireshark release 4.6.4 fixes 3 vulnerabilities and 15 bugs.
It's Friday, let's have a look at another simple piece of malware to close a busy week! I received a FedEx notification about a delivery. Usually, such emails are simple phishing attacks that redirect you to a fake login page to collect your credentials. Here, it was a bit different:
[This is a Guest Diary by Austin Bodolay, an ISC intern as part of the SANS.edu BACS program]
In 2010, OWASP added "Unvalidated Redirects and Forwards" to its Top 10 list and merged it into "Sensitive Data Exposure" in 2013. Open redirects are often overlooked, and their impact is not always well understood. At first, it does not look like a big deal. The user is receiving a 3xx status code and is being redirected to another URL. That target URL should handle all authentication and access control, regardless of where the data originated.
This feed aggregates the latest cybersecurity news from trusted sources to help you stay informed about emerging threats, vulnerabilities, and security trends.