2026年4月9日星期四

Google Chrome 多個漏洞

Google Chrome 多個漏洞

發佈日期: 2026年04月09日

風險: 中度風險

類型: 用戶端 - 瀏覽器

於 Google Chrome 發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發遠端執行任意程式碼、阻斷服務狀況、繞過保安限制、資料篡改及洩露敏感資料。

 

影響

  • 資料洩露
  • 阻斷服務
  • 遠端執行程式碼
  • 繞過保安限制
  • 篡改

受影響之系統或技術

  • Google Chrome 147.0.7727.55 (Linux) 之前的版本
  • Google Chrome 147.0.7727.55/56 (Mac) 之前的版本
  • Google Chrome 147.0.7727.55/56 (Windows) 之前的版本

解決方案

在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。

安裝軟件供應商提供的修補程式:

  • 更新至 147.0.7727.55 (Linux) 或之後版本
  • 更新至 147.0.7727.55/56 (Mac) 或之後版本
  • 更新至 147.0.7727.55/56 (Windows) 或之後版本

漏洞識別碼

資料來源

相關連結

沒有留言:

Google Chrome Multiple Vulnerabilities

Google Chrome Multiple Vulnerabilities

Release Date: 9 Apr 2026

RISK: Medium Risk

TYPE: Clients - Browsers

Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, denial of service condition, security restriction bypass, data manipulation and sensitive information disclosure on the targeted system.

Impact

  • Information Disclosure
  • Denial of Service
  • Remote Code Execution
  • Security Restriction Bypass
  • Data Manipulation

System / Technologies affected

  • Google Chrome prior to 147.0.7727.55 (Linux)
  • Google Chrome prior to 147.0.7727.55/56 (Mac)
  • Google Chrome prior to 147.0.7727.55/56 (Windows)

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

  • Update to version 147.0.7727.55 (Linux) or later
  • Update to version 147.0.7727.55/56 (Mac) or later
  • Update to version 147.0.7727.55/56 (Windows) or later

Vulnerability Identifier

Source

Related Link

沒有留言:

2026年4月8日星期三

Android 阻斷服務漏洞

Android 阻斷服務漏洞

發佈日期: 2026年04月08日

風險: 中度風險

類型: 操作系統 - 流動裝置及操作系統

於 Android 發現一個漏洞。遠端攻擊者可利用這漏洞,於目標系統觸發阻斷服務狀況。

影響

  • 阻斷服務

受影響之系統或技術

  • 2026-04-01 前的 Android 保安更新級別

解決方案

在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。

漏洞識別碼

資料來源

相關連結

沒有留言:

Android Denial of Service Vulnerability

Android Denial of Service Vulnerability

Release Date: 8 Apr 2026

RISK: Medium Risk

TYPE: Operating Systems - Mobile & Apps

A vulnerability was identified in Android. A remote attacker could exploit this vulnerability to trigger denial of service condition on the targeted system.

Impact

  • Denial of Service

System / Technologies affected

  • Android security patch level prior to 2026-04-01

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Vulnerability Identifier

Source

Related Link

沒有留言:

Mozilla 產品多個漏洞

Mozilla 產品多個漏洞

發佈日期: 2026年04月08日

風險: 中度風險

類型: 用戶端 - 瀏覽器

於 Mozilla 產品發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況及遠端執行任意程式碼。

影響

  • 阻斷服務
  • 遠端執行程式碼

受影響之系統或技術

以下版本之前的版本﹕

 

  • Firefox 149.0.2
  • Firefox ESR 115.34.1
  • Firefox ESR 140.9.1
  • Thunderbird 140.9.1
  • Thunderbird 149.0.2

解決方案

在安裝軟體之前,請先瀏覽供應商之官方網站,以獲得更多詳細資料。

更新至版本:

 

  • Firefox 149.0.2
  • Firefox ESR 115.34.1
  • Firefox ESR 140.9.1
  • Thunderbird 140.9.1
  • Thunderbird 149.0.2

漏洞識別碼

資料來源

相關連結

沒有留言:

Mozilla Products Multiple Vulnerabilities

Mozilla Products Multiple Vulnerabilities

Release Date: 8 Apr 2026

RISK: Medium Risk

TYPE: Clients - Browsers

Multiple vulnerabilities were identified in Mozilla Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and remote code execution on the targeted system.

Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

Versions prior to:

 

  • Firefox 149.0.2
  • Firefox ESR 115.34.1
  • Firefox ESR 140.9.1
  • Thunderbird 140.9.1
  • Thunderbird 149.0.2

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 

  • Firefox 149.0.2
  • Firefox ESR 115.34.1
  • Firefox ESR 140.9.1
  • Thunderbird 140.9.1
  • Thunderbird 149.0.2

Vulnerability Identifier

Source

Related Link

沒有留言:

Fortinet FortiClientEMS 遠端執行程式碼漏洞

Fortinet FortiClientEMS 遠端執行程式碼漏洞

發佈日期: 2026年04月08日

風險: 極高度風險

類型: 操作系統 - Network

於 Fortinet FortiClientEMS 發現一個漏洞。遠端攻擊者可利用此漏洞,於目標系統觸發遠端執行任意程式碼及權限提升。

 

注意:

CVE-2026-35616 正在被廣泛利用。FortiClient EMS 中存在不當存取控制(Improper Access Control)漏洞,可能允許未經身份驗證的攻擊者透過精心設計的請求,執行未經授權的程式碼或指令。

影響

  • 遠端執行程式碼
  • 權限提升

受影響之系統或技術

  • FortiClientEMS 7.4 版本 7.4.5 至 7.4.6

解決方案

在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。

 

  • 安裝供應商提供的修補程式:
    FortiClientEMS 7.4.7 或之後版本

漏洞識別碼

資料來源

相關連結

沒有留言:

Fortinet FortiClientEMS Remote Code Execution Vulnerability

Fortinet FortiClientEMS Remote Code Execution Vulnerability

Release Date: 8 Apr 2026

RISK: Extremely High Risk

TYPE: Operating Systems - Networks OS

A vulnerability has been identified in Fortinet FortiClientEMS. A remote attacker could exploit this vulnerability to trigger remote code execution and elevation of privilege on the targeted system.

 

Note:

CVE-2026-35616 is being exploited in the wild. An Improper Access Control vulnerability in FortiClient EMS may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.

Impact

  • Remote Code Execution
  • Elevation of Privilege

System / Technologies affected

  • FortiClientEMS 7.4 versions 7.4.5 through 7.4.6

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

  • Apply fixes issued by the vendor:
    FortiClientEMS 7.4.7 or later version

Vulnerability Identifier

Source

Related Link

沒有留言:

SUSE Linux 內核多個漏洞

SUSE Linux 內核多個漏洞

發佈日期: 2026年04月08日

風險: 高度風險

類型: 操作系統 - LINUX

於 SUSE Linux 內核發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況、權限提升及繞過保安限制。

影響

  • 阻斷服務
  • 繞過保安限制
  • 權限提升

受影響之系統或技術

  • SUSE Linux Enterprise Live Patching 15-SP7
  • SUSE Linux Enterprise Real Time 15 SP7
  • SUSE Linux Enterprise Server 15 SP7
  • SUSE Linux Enterprise Server for SAP Applications 15 SP7

解決方案

在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。

 

安裝供應商提供的修補程式:

漏洞識別碼

資料來源

相關連結

沒有留言:

SUSE Linux Kernel Multiple Vulnerabilities

SUSE Linux Kernel Multiple Vulnerabilities

Release Date: 8 Apr 2026

RISK: High Risk

TYPE: Operating Systems - Linux

Multiple vulnerabilities were identified in SUSE Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege and security restriction bypass on the targeted system.

Impact

  • Denial of Service
  • Security Restriction Bypass
  • Elevation of Privilege

System / Technologies affected

  • SUSE Linux Enterprise Live Patching 15-SP7
  • SUSE Linux Enterprise Real Time 15 SP7
  • SUSE Linux Enterprise Server 15 SP7
  • SUSE Linux Enterprise Server for SAP Applications 15 SP7

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

Vulnerability Identifier

Source

Related Link

沒有留言:

2026年4月2日星期四

Google Chrome 多個漏洞

Google Chrome 多個漏洞

發佈日期: 2026年04月02日

風險: 高度風險

類型: 用戶端 - 瀏覽器

於 Google Chrome 發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發遠端執行任意程式碼、阻斷服務狀況、繞過保安限制、資料篡改及洩露敏感資料。

 

注意:

CVE-2026-5281 正在被廣泛利用。該漏洞允許已經入侵渲染程序的遠端攻擊者,透過精心製作的 HTML 網頁觸發遠端執行任意程式碼。因此,該漏洞的風險等級被評為高度風險。

 

影響

  • 資料洩露
  • 阻斷服務
  • 遠端執行程式碼
  • 繞過保安限制
  • 篡改

受影響之系統或技術

  • Google Chrome 146.0.7680.177 (Linux) 之前的版本
  • Google Chrome 146.0.7680.177/178 (Mac) 之前的版本
  • Google Chrome 146.0.7680.177/178 (Windows) 之前的版本

解決方案

在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。

安裝軟件供應商提供的修補程式:

  • 更新至 146.0.7680.177 (Linux) 或之後版本
  • 更新至 146.0.7680.177/178 (Mac) 或之後版本
  • 更新至 146.0.7680.177/178 (Windows) 或之後版本

漏洞識別碼

資料來源

相關連結

沒有留言:

Google Chrome Multiple Vulnerabilities

Google Chrome Multiple Vulnerabilities

Release Date: 2 Apr 2026

RISK: High Risk

TYPE: Clients - Browsers

Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, denial of service condition, security restriction bypass, data manipulation and sensitive information disclosure on the targeted system.

 

Note:

CVE-2026-5281 is being exploited in the wild.  The vulnerability allow a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. Hence, the risk level is rated as High Risk.

Impact

  • Information Disclosure
  • Denial of Service
  • Remote Code Execution
  • Security Restriction Bypass
  • Data Manipulation

System / Technologies affected

  • Google Chrome prior to 146.0.7680.177 (Linux)
  • Google Chrome prior to 146.0.7680.177/178 (Mac)
  • Google Chrome prior to 146.0.7680.177/178 (Windows)

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

  • Update to version 146.0.7680.177 (Linux) or later
  • Update to version 146.0.7680.177/178 (Mac) or later
  • Update to version 146.0.7680.177/178 (Windows) or later

Vulnerability Identifier

Source

Related Link

沒有留言:

2026年4月1日星期三

RedHat Linux 核心多個漏洞

RedHat Linux 核心多個漏洞

發佈日期: 2026年04月01日

風險: 中度風險

類型: 操作系統 - LINUX

於 RedHat Linux核心發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發資料篡改、阻斷服務狀況、權限提升及洩露敏感資料。

影響

  • 阻斷服務
  • 權限提升
  • 資料洩露
  • 篡改

受影響之系統或技術

  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.4 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.4 s390x
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.4 ppc64le
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.4 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le

解決方案

在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。

 

安裝供應商提供的修補程式:

漏洞識別碼

資料來源

相關連結

沒有留言:

RedHat Linux Kernel Multiple Vulnerabilities

RedHat Linux Kernel Multiple Vulnerabilities

Release Date: 1 Apr 2026

RISK: Medium Risk

TYPE: Operating Systems - Linux

Multiple vulnerabilities were identified in RedHat Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger data manipulation, denial of service condition, elevation of privilege and sensitive information disclosure on the targeted system.

Impact

  • Denial of Service
  • Elevation of Privilege
  • Information Disclosure
  • Data Manipulation

System / Technologies affected

  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.4 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.4 s390x
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.4 ppc64le
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.4 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

Vulnerability Identifier

Source

Related Link

沒有留言:

Citrix 產品多個漏洞

Citrix 產品多個漏洞

發佈日期: 2026年03月31日

風險: 中度風險

類型: 操作系統 - Network

於 Citrix 產品發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況及洩露敏感資料。

 

注意:

CVE-2026-3055 正在被廣泛利用。該漏洞是由於輸入驗證不足引起,而導致記憶體被越界讀取。Citrix ADC 或 Citrix Gateway 必須配置為 SAML IDP 才會受到影響。因此,該漏洞的風險等級被評為中度風險。

影響

  • 資料洩露
  • 阻斷服務

受影響之系統或技術

  • NetScaler ADC 和 NetScaler Gateway  14.1-66.54 版本
  • NetScaler ADC 和 NetScaler Gateway 14.1 中 14.1-60.58 之前的版本
  • NetScaler ADC 和 NetScaler Gateway 13.1 中 13.1-62.23 之前的版本
  • NetScaler ADC FIPS 和 NDcPP 中 13.1-37.262 之前的版本

解決方案

在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。

 

安裝供應商提供的修補程式:

漏洞識別碼

資料來源

相關連結

沒有留言:

Citrix Products Multiple Vulnerabilities

Citrix Products Multiple Vulnerabilities

Release Date: 31 Mar 2026

RISK: Medium Risk

TYPE: Operating Systems - Networks OS

Multiple vulnerabilities were identified in Citrix Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and sensitive information disclosure on the targeted system.

 

Note:

CVE-2026-3055 is being exploited in the wild.  The vulnerability is caused by insufficient input validation leading to memory overread. Citrix ADC or Citrix Gateway must be configured as a SAML IDP to be vulnerable. Hence, the risk level is rated as Medium Risk.

Impact

  • Information Disclosure
  • Denial of Service

System / Technologies affected

  • NetScaler ADC and NetScaler Gateway  14.1-66.54
  • NetScaler ADC and NetScaler Gateway 14.1 BEFORE 14.1-60.58
  • NetScaler ADC and NetScaler Gateway 13.1 BEFORE 13.1-62.23
  • NetScaler ADC FIPS and NDcPP BEFORE 13.1-37.262

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

Vulnerability Identifier

Source

Related Link

沒有留言:

釣魚警報 – ClickFix 出現新變種,攻擊同時針對 Windows 和 macOS

釣魚警報 – ClickFix 出現新變種,攻擊同時針對 Windows 和 macOS

發佈日期: 2026年03月31日

類別: 網絡釣魚

網絡釣魚警告

現況及相關趨勢

最近的威脅情報顯示,名為 "ClickFix" 的攻擊手法原本主要針對 Microsoft Windows,但如今已演變出新的變種,並鎖定 macOS 的用戶。此演變顯示該技術正不在斷進化,被更多不同的攻擊者利用。  

 

傳統針對 Windows 的 ClickFix 攻擊

這類攻擊模仿網站常見的,用以區分合法使用者與機器人的「Verify You are a Human」測試。受害者被網站誘導按下特定鍵盤組合,最終導致在 Microsoft Windows 系統上下載並執行惡意軟體。

 

攻擊的過程通常如下:

  1. 要求用戶同時按下帶有 Windows 圖標的鍵盤鍵和字母 “R”,這將打開 Windows 的 “Run” 程序,並能夠透過此程序執行系統上已安裝的任何程序。
  2. 指導用戶同時按下 “CTRL” 鍵和字母 “V”,從而將網站虛擬剪貼板上的惡意代碼粘貼下來。
  3. 按下 “Enter” 鍵,促使 Windows 執行剪貼板上的惡意代碼。

 

針對 Windows 的最新變種 – 惡意利用 Windows 合法組件 rundll32.exe 與 WebDAV

最新的 ClickFix 變種惡意利用 Windows 合法組件 rundll32.exe 與 WebDAV 來傳送惡意載荷。它透過 ordinal calls 載入遠端 DLL,以規避偵測,減少對腳本引擎的依賴並繞過傳統監控。這種轉向透過利用 Windows 原生組件的方式,結合反分析技術,使攻擊更隱蔽且更難被發現。 

 

(針對 Windows 用戶的 ClickFix 攻擊)

 

 

針對 macOS 用戶的變種 – Infinity Stealer

針對 macOS 的 ClickFix 變種透過假的 Cloudflare CAPTCHA 誘騙使用者,傳送 Infinity Stealer。受害者被誘導將惡意 curl 指令貼入 macOS Terminal,安裝一個使用 Nuitka 編譯的 Python-based infostealer,以增強逃避偵測能力。  

 

Infinity Stealer 的功能包括:  

  • 竊取 Chromium-based browsers 與 Firefox 的憑證  
  • 提取 macOS Keychain 內容  
  • 存取加密貨幣錢包  
  • 讀取開發者檔案(如 `.env`)中的憑證或密鑰 

 

所有被竊取的資料會透過 HTTP POST 請求傳送至 C2 server,並在完成後向攻擊者發送 Telegram 通知。此攻擊活動突顯 ClickFix 從 Windows 擴展至 macOS,並採用更先進、更隱蔽的技術。  

 

The ClickFix step

(針對 macOS 用戶的 ClickFix 攻擊)

(來源: https://www.bleepingcomputer.com/news/security/new-infinity-stealer-malware-grabs-macos-data-via-clickfix-lures/)


 

建議

各機構及用戶應對不斷演變的 ClickFix 攻擊手法保持警覺,並採取主動措施以防止系統遭入侵,該手法現已同時針對 Windows 與 macOS 系統。為防範相關的 ClickFix 攻擊,請採取以下措施:

 

  • 切勿跟隨可疑的 CAPTCHA 驗證提示,或將未知指令貼入 Windows Run 視窗或 macOS Terminal。
  • 更新並維護安全軟體,以偵測及阻擋惡意的 rundll32 或 curl 活動。
  • 封鎖已知的惡意網域,並監控網路流量中與 C2 servers 之間的可疑連線。
  • 對網絡釣魚及社交工程手法保持警覺,避免與具欺騙性的 ClickFix 誘騙互動。
沒有留言:

Phishing Alert – ClickFix Tactics Evolve, Now Attacking Both Windows and macOS

Phishing Alert – ClickFix Tactics Evolve, Now Attacking Both Windows and macOS

Release Date: 31 Mar 2026

Type: Phishing

Phishing Alert

Current Status and Related Trends

Recent threat intelligence indicates that ClickFix tactics, originally targeting Microsoft Windows, have now evolved with a new variant aimed at macOS. This expansion demonstrates that the technique is increasingly being deployed by multiple attackers. 

 

 

Traditional Windows-focused ClickFix attacks

These campaigns mimic the familiar “Verify You are a Human” tests commonly used by websites to distinguish legitimate users from bots. Victims are prompted to press specific keyboard combinations, which ultimately result in the download and execution of malicious software on Microsoft Windows systems.  

 

The deceptive process typically unfolds as follows:  

  1. The user is instructed to press the Windows key and the letter “R” simultaneously, opening the Windows “Run” prompt capable of executing any program already installed on the system.  
  2. The user is told to press CTRL + V, pasting malicious code from the site’s virtual clipboard into the Run prompt.  
  3. Pressing Enter executes the pasted code, initiating the download and installation of malware.  

 

Latest Windows Variant – Abusing Windows components Rundll32 & WebDAV  
The most recent ClickFix variant maliciously abuses legitimate Windows components, rundll32.exe and WebDAV to deliver payloads. It loads remote DLLs via ordinal calls to evade detection, reducing reliance on script engines and bypassing traditional monitoring. This shift to native Windows components, combined with anti-analysis techniques, makes the attack stealthier and harder to detect.

 

(ClickFix attack targetting Windows users)

 

 

macOS Variant – Infinity Stealer  
A new macOS-targeted ClickFix variant delivers Infinity Stealer via fake Cloudflare CAPTCHA lures. Victims are tricked into pasting a malicious curl command into the macOS Terminal, installing a Python-based infostealer compiled with Nuitka for enhanced evasion.  

 

Infinity Stealer can:  

  • Steal credentials from Chromium-based browsers and Firefox  
  • Extract macOS Keychain entries  
  • Access cryptocurrency wallets  
  • Read plaintext secrets from developer files (e.g., `.env`)  

 

All stolen data is exfiltrated via HTTP POST requests to the C2 server, with a Telegram alert sent to attackers upon completion. This campaign highlights ClickFix’s expansion from Windows to macOS, employing more advanced and stealthy techniques.  

 

The ClickFix step

(ClickFix attack targetting macOS users)
(Ref: https://www.bleepingcomputer.com/news/security/new-infinity-stealer-malware-grabs-macos-data-via-clickfix-lures/)

 

Recommendations

Organisations and individuals are urged to stay alert to evolving ClickFix phishing tactics, which now target both Windows and macOS systems, and take proactive measures to prevent compromise. To guard against related ClickFix attacks, please take the following measures:
 

  • Do not follow suspicious CAPTCHA prompts or paste unknown commands into Windows Run prompts or macOS Terminal.
  • Update and maintain security software to detect and block malicious rundll32 or curl activity.
  • Block known malicious domains and monitor network traffic for unusual connections to C2 servers.
  • Stay aware on phishing and social engineering tactics to prevent interaction with deceptive ClickFix lures.
沒有留言:

Microsoft Edge 多個漏洞

Microsoft Edge 多個漏洞

發佈日期: 2026年03月30日

風險: 中度風險

類型: 用戶端 - 瀏覽器

於 Microsoft Edge 發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發遠端執行任意程式碼、阻斷服務狀況及洩露敏感資料。

影響

  • 遠端執行程式碼
  • 阻斷服務
  • 資料洩露

受影響之系統或技術

  • Microsoft Edge 146.0.3856.84 之前的版本

解決方案

在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。

安裝軟件供應商提供的修補程式:

  • 更新至 146.0.3856.84 或之後版本

漏洞識別碼

資料來源

相關連結

沒有留言:

Microsoft Edge Multiple Vulnerabilities

Microsoft Edge Multiple Vulnerabilities

Release Date: 30 Mar 2026

RISK: Medium Risk

TYPE: Clients - Browsers

Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, denial of service condition and sensitive information disclosure on the targeted system.

Impact

  • Remote Code Execution
  • Denial of Service
  • Information Disclosure

System / Technologies affected

  • Microsoft Edge version prior to 146.0.3856.84

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

  • Update to version 146.0.3856.84 or later

Vulnerability Identifier

Source

Related Link

沒有留言:

思科 IOS XE 多個漏洞

思科 IOS XE 多個漏洞

發佈日期: 2026年03月26日

風險: 中度風險

類型: 保安軟件及應用設備 - 保安軟件及應用設備

於思科 IOS XE 發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發洩露敏感資料、阻斷服務狀況、遠端執行任意程式碼、繞過保安限制及權限提升。

影響

  • 阻斷服務
  • 遠端執行程式碼
  • 資料洩露
  • 繞過保安限制
  • 權限提升

受影響之系統或技術

  • 思科 IOS XE

請參考供應商發佈的連結以了解受影響的設備:

 

解決方案

在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。

 

安裝供應商提供的修補程式:

漏洞識別碼

資料來源

相關連結

沒有留言:

Cisco IOS XE Multiple Vulnerabilities

Cisco IOS XE Multiple Vulnerabilities

Release Date: 26 Mar 2026

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance

Multiple vulnerabilities were identified in Cisco IOS XE. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, denial of service condition, remote code execution, security restriction bypass and elevation of privilege on the targeted system. 

Impact

  • Denial of Service
  • Remote Code Execution
  • Information Disclosure
  • Security Restriction Bypass
  • Elevation of Privilege

System / Technologies affected

  • Cisco IOS XE

For affected devices, please refer to the link issued by the vendor:

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

Vulnerability Identifier

Source

Related Link

沒有留言:
訂閱: 留言 (Atom)

Google Chrome 多個漏洞

Google Chrome 多個漏洞 發佈日期: 2026年04月09日 風險: 中度風險 類型: 用戶端 - 瀏覽器 於 Google Chr...