China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws

READ ARTICLE A China-linked threat cluster leveraged security flaws in Connectwise ScreenConnect and F5 BIG-IP software to deliver custom malware capable of delivering additional backdoors on compromised Linux hosts as part of an “aggressive” campaign. Google-owned Mandiant is tracking the activity under its uncategorized moniker UNC5174 (aka Uteus or Uetus), describing it as a “former member of Chinese hacktivist…

Read More

OAuth endpoint “MultiLogin” identified as root for Google Chrome’s widely adopted session jacking exploit.

https://www.csoonline.com/article/1285861/highly-exploited-chromium-bug-traced-to-a-google-oauth-endpoint.html An undocumented Google OAuth endpoint has been identified to be the root of the notorious info stealing exploit that is being widely implemented by various threat actors in their codes since it appeared in October 2023. The critical exploit, which allows the generation of persistent Google cookies through token manipulation and enables continuous access…

Read More