{"vulnerability": "CVE-2024-7262", "sightings": [{"uuid": "29c0cd99-9208-42f3-a6a2-b52562404c02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-09-03T18:10:03.000000Z"}, {"uuid": "4e62eab0-4c74-49e2-b52b-feb4cda0253f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "seen", "source": "https://bsky.app/profile/esetresearch.bsky.social/post/3lnv6r6buzs2r", "content": "", "creation_timestamp": "2025-04-28T16:29:03.258539Z"}, {"uuid": "c28b6760-7c13-4fc9-b8d8-18785580e52a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:58.000000Z"}, {"uuid": "8d62c3d5-4867-4849-96f3-72c773ad2965", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "seen", "source": "https://bsky.app/profile/esetresearch.bsky.social/post/3lnv6rbfz522r", "content": "", "creation_timestamp": "2025-04-28T16:29:04.525830Z"}, {"uuid": "6b0ff8bf-2d57-403f-9595-190dd1940c45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "seen", "source": "https://bsky.app/profile/esetresearch.bsky.social/post/3lnv6rbg24c2r", "content": "", "creation_timestamp": "2025-04-28T16:29:05.583188Z"}, {"uuid": "2aff8b84-6acc-40a1-9a10-6845c1ab06ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "seen", "source": "https://bsky.app/profile/esetresearch.bsky.social/post/3lnv6rbg33k2r", "content": "", "creation_timestamp": "2025-04-28T16:29:06.723495Z"}, {"uuid": "75679ded-5084-40bc-b660-c9f25901e4a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "seen", "source": "https://t.me/cvedetector/19521", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11957 - Kingsoft WPS Office DLL Signature Verification Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-11957 \nPublished : March 4, 2025, 4:15 p.m. | 28\u00a0minutes ago \nDescription : Improper verification of the digital signature in ksojscore.dll in Kingsoft WPS Office in versions equal or less than 12.1.0.18276  \n  \n on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.2.0.16909 to mitigate CVE-2024-7262 was not restrictive enough. 
\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-04T18:21:22.000000Z"}, {"uuid": "597f5d15-ca80-4c64-9f74-02346fd15708", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3m4ez7wqpxc2l", "content": "", "creation_timestamp": "2025-10-30T03:25:10.651103Z"}, {"uuid": "2e1e09b8-3eff-4846-92d0-7c3ed6ae1352", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-7262", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/d5a88f2c-23b2-4110-a813-8c6267c63fe5", "content": "", "creation_timestamp": "2026-02-02T12:26:30.060787Z"}, {"uuid": "0afd6e2c-8b8a-460d-94ca-5efe9661e13e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "exploited", "source": "https://t.me/HackingInsights/10260", "content": "\u200aWPS Office Vulnerabilities Expose 200 Million Users: CVE-2024-7262 Exploited in the Wild\n\nhttps://securityonline.info/wps-office-vulnerabilities-expose-200-million-users-cve-2024-7262-exploited-in-the-wild/", "creation_timestamp": "2024-08-17T10:33:56.000000Z"}, {"uuid": "9d1aea6b-c07b-4d6d-b892-d2aa785c224f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "seen", "source": "https://t.me/ptescalator/165", "content": "\u2753 APT-C-60, or DarkHotel\n\n\ud83d\udcbf We 
once wrote about the use of a VHDX file in attacks and why it is convenient (no, this is not a call to action). You can find that post at the link. Back then we also mentioned that a study on this topic would be out soon. Yes, it has finally happened!\n\n\ud83d\udd75\ufe0f\u200d\u2642\ufe0f A quick reminder about the APT-C-60 group. It is a cyber-espionage group first identified in 2021. 
It targets industrial companies, especially semiconductor manufacturers in South Korea, as well as targets in East Asia.\n\nThe group uses phishing emails with malicious attachments and exploits software vulnerabilities (including vulnerabilities in WPS Office) to deploy malware called SpyGlace\n\nRecently the group has been exploiting 
vulnerabilities in WPS Office products (CVE-2024-7262), but earlier in its attacks it used a virtual disk. In September 2024 we spotted one of the new disks and decided it would be useful to write about it.\n\nOther researchers link this group to a common cluster called DarkHotel. 
We will show where this link comes from and once again confirm that examining metadata matters.\n\n\u2615\ufe0f The new study is available on our website.\n\nHave a good read!\n\n#TI #news #APT\n@ptescalator", "creation_timestamp": "2024-11-14T09:47:17.000000Z"}, {"uuid": "1b8f9e65-8784-45e6-ad74-57434f5069ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6391", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11957\n\ud83d\udd25 CVSS Score: 9.3 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:H)\n\ud83d\udd39 Description: Improper verification of the digital signature in ksojscore.dll in Kingsoft WPS Office in versions equal or less than 12.1.0.18276\n\n on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.2.0.16909 to mitigate CVE-2024-7262 was not restrictive enough.\n\ud83d\udccf Published: 2025-03-04T15:41:00.514Z\n\ud83d\udccf Modified: 2025-03-04T16:07:20.962Z\n\ud83d\udd17 References:\n1. 
https://www.welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office/", "creation_timestamp": "2025-03-04T16:31:55.000000Z"}, {"uuid": "051650c4-1c81-41a0-967d-39fbbd8793ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "exploited", "source": "https://t.me/CyberBulletin/390", "content": "\u26a1\ufe0fWPS Office Vulnerabilities Expose 200 Million Users: CVE-2024-7262 Exploited in the Wild.\n\n#CyberBulletin", "creation_timestamp": "2024-08-16T11:46:16.000000Z"}, {"uuid": "36fd7c8e-5fdf-4c5d-b3ac-489a5a3eefe2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "seen", "source": "https://t.me/cvedetector/3245", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-7262 - Kingsoft WPS Office Windows Path Validation RCE\", \n  \"Content\": \"CVE ID : CVE-2024-7262 \nPublished : Aug. 15, 2024, 3:15 p.m. | 22\u00a0minutes ago \nDescription : Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.13489 on Windows allows an attacker to load an arbitrary Windows library.  \nUsing the MHTML format allows an attacker to automatically deliver a malicious library on opening the document and a single user click on a crafted hyperlink leads to the execution of the library. 
\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-15T17:38:19.000000Z"}, {"uuid": "c1f96e02-90df-4332-a30d-d24e226b8df1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "seen", "source": "https://t.me/cvedetector/3244", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-7263 - Kingsoft WPS Office DLL Hijacking\", \n  \"Content\": \"CVE ID : CVE-2024-7263 \nPublished : Aug. 15, 2024, 3:15 p.m. | 22\u00a0minutes ago \nDescription : Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.13489 on Windows allows an attacker to load an arbitrary Windows library.  \nThe patch released in version 12.2.0.16909 to mitigate CVE-2024-7262 was not restrictive enough. Another hyperlink parameter was not properly sanitized which leads to the execution of an arbitrary Windows library. 
\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-15T17:38:17.000000Z"}, {"uuid": "be6cdfca-1671-4240-88fb-569042614be9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/830", "content": "Tools - Hackers Factory \n\nThe tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.\n\nhttps://github.com/keywa7/keywa7\n\nA tool that allows you to search for vulnerable android devices across the world and exploit them.\n\nhttps://github.com/0x1CA3/AdbNet\n\nAndroid malware source code dataset collected from public resources.\n\nhttps://github.com/d-Raco/android-malware-source-code-samples\n\nNext-Level Reversing: Binary Ninja+TTD\n\nhttps://seeinglogic.com/posts/binary-ninja-ttd-intro/\n\n#Exploit\n\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\n\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\n\nhttps://github.com/mistymntncop/CVE-2024-5274\n\n#Threat_Research\n\n1. Analyse MSI files for vulnerabilities\n\nhttps://github.com/CICADA8-Research/MyMSIAnalyzer\n\n2. 
Analysis of two arbitrary code execution vulnerabilities affecting WPS Office (CVE-2024-7262/CVE-2024-7263)\n\nhttps://welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office\n\nDiscover Ashok, an OSINT reconnaissance tool with features like Wayback Machine crawling, unlimited Google Dorking, GitHub info grabber, subdomain finder and CMS/tech detection!\n\nhttps://github.com/powerexploit/Ashok\n\nBest list of top xss Polyglots to Bypass WAF's\n\nhttps://github.com/coffinsp/lostools/blob/coffin/xsspollygots.txt\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-08T06:28:37.000000Z"}, {"uuid": "c182489e-a6c2-4ce3-a2ea-56b0f9d32066", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/23702", "content": "Tools - Hackers Factory \n\nThe tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.\n\nhttps://github.com/keywa7/keywa7\n\nA tool that allows you to search for vulnerable android devices across the world and exploit them.\n\nhttps://github.com/0x1CA3/AdbNet\n\nAndroid malware source code dataset collected from public resources.\n\nhttps://github.com/d-Raco/android-malware-source-code-samples\n\nNext-Level Reversing: Binary Ninja+TTD\n\nhttps://seeinglogic.com/posts/binary-ninja-ttd-intro/\n\n#Exploit\n\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\n\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\n\nhttps://github.com/mistymntncop/CVE-2024-5274\n\n#Threat_Research\n\n1. Analyse MSI files for vulnerabilities\n\nhttps://github.com/CICADA8-Research/MyMSIAnalyzer\n\n2. 
Analysis of two arbitrary code execution vulnerabilities affecting WPS Office (CVE-2024-7262/CVE-2024-7263)\n\nhttps://welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office\n\nDiscover Ashok, an OSINT reconnaissance tool with features like Wayback Machine crawling, unlimited Google Dorking, GitHub info grabber, subdomain finder and CMS/tech detection!\n\nhttps://github.com/powerexploit/Ashok\n\nBest list of top xss Polyglots to Bypass WAF's\n\nhttps://github.com/coffinsp/lostools/blob/coffin/xsspollygots.txt\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-08T06:29:06.000000Z"}, {"uuid": "ed786331-0af1-40fe-9cab-f00dab781b15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8721", "content": "Tools - Hackers Factory \n\nThe tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.\n\nhttps://github.com/keywa7/keywa7\n\nA tool that allows you to search for vulnerable android devices across the world and exploit them.\n\nhttps://github.com/0x1CA3/AdbNet\n\nAndroid malware source code dataset collected from public resources.\n\nhttps://github.com/d-Raco/android-malware-source-code-samples\n\nNext-Level Reversing: Binary Ninja+TTD\n\nhttps://seeinglogic.com/posts/binary-ninja-ttd-intro/\n\n#Exploit\n\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\n\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\n\nhttps://github.com/mistymntncop/CVE-2024-5274\n\n#Threat_Research\n\n1. Analyse MSI files for vulnerabilities\n\nhttps://github.com/CICADA8-Research/MyMSIAnalyzer\n\n2. 
Analysis of two arbitrary code execution vulnerabilities affecting WPS Office (CVE-2024-7262/CVE-2024-7263)\n\nhttps://welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office\n\nDiscover Ashok, an OSINT reconnaissance tool with features like Wayback Machine crawling, unlimited Google Dorking, GitHub info grabber, subdomain finder and CMS/tech detection!\n\nhttps://github.com/powerexploit/Ashok\n\nBest list of top xss Polyglots to Bypass WAF's\n\nhttps://github.com/coffinsp/lostools/blob/coffin/xsspollygots.txt\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-08T06:28:55.000000Z"}, {"uuid": "688dc483-3488-4d8f-bfdb-d762968c1200", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11060", "content": "#Threat_Research\n1. Analyse MSI files for vulnerabilities\nhttps://github.com/CICADA8-Research/MyMSIAnalyzer\n2. 
Analysis of two arbitrary code execution vulnerabilities affecting WPS Office (CVE-2024-7262/CVE-2024-7263)\nhttps://www.welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office", "creation_timestamp": "2024-09-01T04:56:18.000000Z"}, {"uuid": "abdb86f5-b920-4713-ba11-de486f1f8a54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7389", "content": "Tools - Hackers Factory \n\nThe tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.\n\nhttps://github.com/keywa7/keywa7\n\nA tool that allows you to search for vulnerable android devices across the world and exploit them.\n\nhttps://github.com/0x1CA3/AdbNet\n\nAndroid malware source code dataset collected from public resources.\n\nhttps://github.com/d-Raco/android-malware-source-code-samples\n\nNext-Level Reversing: Binary Ninja+TTD\n\nhttps://seeinglogic.com/posts/binary-ninja-ttd-intro/\n\n#Exploit\n\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\n\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\n\nhttps://github.com/mistymntncop/CVE-2024-5274\n\n#Threat_Research\n\n1. Analyse MSI files for vulnerabilities\n\nhttps://github.com/CICADA8-Research/MyMSIAnalyzer\n\n2. 
Analysis of two arbitrary code execution vulnerabilities affecting WPS Office (CVE-2024-7262/CVE-2024-7263)\n\nhttps://welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office\n\nDiscover Ashok, an OSINT reconnaissance tool with features like Wayback Machine crawling, unlimited Google Dorking, GitHub info grabber, subdomain finder and CMS/tech detection!\n\nhttps://github.com/powerexploit/Ashok\n\nBest list of top xss Polyglots to Bypass WAF's\n\nhttps://github.com/coffinsp/lostools/blob/coffin/xsspollygots.txt\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-08T06:28:55.000000Z"}, {"uuid": "8de02c3e-6e6c-4f11-be51-a587a9b0150f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6154", "content": "Researchers at ESET report the discovery of a cyber-espionage campaign by the South Korean APT-C-60, which used a 0-day in WPS Office for Windows to deploy the SpyGlace backdoor on targets in East Asia.\n\nWPS Office is an office application 
suite developed by the Chinese firm Kingsoft that is widely used in Asia and has more than 500 million active users worldwide.\n\nThe flaw, designated CVE-2024-7262, has been used in attacks since at least late February 2024, but affects only versions from 12.2.0.13110 (August 2023) to 12.1.0.16412 (March 2024).\n\nKingsoft fixed the issue in March of this year without any official notice, not telling customers that the vulnerability 
was being actively exploited; ESET, which discovered both the campaign and the vulnerability, did so instead.\n\nBesides CVE-2024-7262, ESET also found a second serious vulnerability, CVE-2024-7263, which Kingsoft fixed at the end of May 2024 in version 12.2.0.17119.\n\nCVE-2024-7262 stems from how the software handles custom protocol handlers, in particular \"ksoqing://\", which allows external applications to be executed through specially crafted URLs in 
documents.\n\nBecause of improper validation and sanitization of these URLs, the vulnerability lets attackers create malicious hyperlinks that lead to arbitrary code execution.\n\nFor example, APT-C-60 created spreadsheets (MHTML files) in which it embedded malicious hyperlinks hidden under a decoy image, to get the victim to click on them and trigger 
the exploit.\n\nThe processed URL parameters include a base64-encoded command to launch a specific plugin (promecefpluginhost.exe), which attempts to load a malicious DLL (ksojscore.dll) containing the attacker's code.\n\nThis DLL is APT-C-60's downloader component, designed to retrieve the final payload (TaskControler.dll) from the attacker's server, a custom backdoor called SpyGlace.\n\nWhile 
investigating the APT-C-60 attacks, the second vulnerability in WPS Office mentioned above was identified, which resulted from an insufficiently effective fix for CVE-2024-7262.\n\nThe initial fix involved adding validation of certain parameters, some of which, for example CefPluginPathU8, were still not sufficiently protected, which again made it possible to specify paths to malicious DLLs via promecefpluginhost.exe.\n\nESET explains that this 
vulnerability can be exploited locally or via a network share hosting a malicious DLL, but exploitation in the wild has not been observed.\n\nThe full list of IoCs related to APT-C-60 activity is in the repository on GitHub.", "creation_timestamp": "2024-08-30T18:20:05.000000Z"}, {"uuid": "b0a050da-d6c6-4fce-b342-8bcec9728322", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "exploited", "source": "https://t.me/true_secator/6479", "content": "The tale of how Ivan Ivanovich quarreled with Ivan Nikiforovich.\n\n\u042f\u043f\u043e\u043d\u0441\u043a\u0438\u0439 CERT \u0432\u044b\u043a\u0430\u0442\u0438\u043b \u043e\u0442\u0447\u0435\u0442 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 APT-C-60, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c 
\u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0442\u0441\u044f \u043d\u0430\u043f\u0430\u0434\u0435\u043d\u0438\u044f \u0433\u0440\u0443\u043f\u043f\u044b \u043d\u0430 \u044f\u043f\u043e\u043d\u0441\u043a\u0438\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438, \u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u043d\u044b\u0435 \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 2024 \u0433\u043e\u0434\u0430 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 SpyGlace.\n\nAPT-C-60, \u043a\u0430\u043a \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u042e\u0436\u043d\u043e\u0439 \u041a\u043e\u0440\u0435\u0435\u0439 \u0438 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u0441\u0442\u0440\u0430\u043d\u044b \u0412\u043e\u0441\u0442\u043e\u0447\u043d\u043e\u0439 \u0410\u0437\u0438\u0438.\n\n\u0412 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 2024 \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u0440\u043e\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 WPS Office \u0434\u043b\u044f Windows (CVE-2024-7262) \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u0431\u044d\u043a\u0434\u043e\u0440\u0430 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c SpyGlace \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043d\u0435\u043d\u0430\u0437\u0432\u0430\u043d\u043d\u044b\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439.\n\n\u0414\u043b\u044f 
\u044d\u0442\u0438\u0445 \u0446\u0435\u043b\u0435\u0439 \u044e\u0436\u043d\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u0438\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u043f\u0440\u0438\u043c\u0430\u043d\u043a\u0443 \u0432 \u0432\u0438\u0434\u0435 \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u043e \u043f\u0440\u0438\u0435\u043c\u0435 \u043d\u0430 \u0440\u0430\u0431\u043e\u0442\u0443, \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0432 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b Google Drive, Bitbucket \u0438 StatCounter.\n\n\u0426\u0435\u043f\u043e\u0447\u043a\u0430 \u0430\u0442\u0430\u043a, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f JPCERT/CC, \u0432\u043a\u043b\u044e\u0447\u0430\u043b\u0430 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u043e\u0435 \u043f\u0438\u0441\u044c\u043c\u043e \u0441\u043e \u0441\u0441\u044b\u043b\u043a\u043e\u0439 \u043d\u0430 \u0444\u0430\u0439\u043b VHDX, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u0438 \u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0444\u0435\u0439\u043a\u043e\u0432\u044b\u0439 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442 \u0438 \u044f\u0440\u043b\u044b\u043a Windows (Self-Introduction.lnk).\n\nLNK \u043e\u0442\u0432\u0435\u0447\u0430\u0435\u0442 \u0437\u0430 \u0437\u0430\u043f\u0443\u0441\u043a \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0448\u0430\u0433\u043e\u0432 \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0435 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u0435\u0442 
\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442-\u043f\u0440\u0438\u043c\u0430\u043d\u043a\u0443 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0442\u0432\u043b\u0435\u043a\u0430\u044e\u0449\u0435\u0433\u043e \u043c\u0430\u043d\u0435\u0432\u0440\u0430.\n\n\u0414\u0430\u043b\u0435\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442\u0441\u044f \u0437\u0430\u043f\u0443\u0441\u043a \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430/\u0434\u0440\u043e\u043f\u043f\u0435\u0440\u0430 \u0441 \u0438\u043c\u0435\u043d\u0435\u043c SecureBootUEFI.dat, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 StatCounter \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0438 \u0441\u0442\u0440\u043e\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043e\u0434\u043d\u043e\u0437\u043d\u0430\u0447\u043d\u043e \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0436\u0435\u0440\u0442\u0432\u044b \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e\u00a0\u043f\u043e\u043b\u044f HTTP referer.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 \u0441\u0442\u0440\u043e\u043a\u0438 \u0432\u044b\u0432\u043e\u0434\u0438\u0442\u0441\u044f \u0438\u0437 \u0438\u043c\u0435\u043d\u0438 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430, \u0434\u043e\u043c\u0430\u0448\u043d\u0435\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 \u0438 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438 \u0437\u0430\u0442\u0435\u043c 
\u043a\u043e\u0434\u0438\u0440\u0443\u0435\u0442\u0441\u044f.\n\n\u0417\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a \u043e\u0431\u0440\u0430\u0449\u0430\u0435\u0442\u0441\u044f \u043a Bitbucket, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u0443\u044e \u0441\u0442\u0440\u043e\u043a\u0443 \u0434\u043b\u044f \u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0433\u043e \u044d\u0442\u0430\u043f\u0430 - \u0444\u0430\u0439\u043b\u0430 Service.dat, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0434\u0432\u0430 \u0430\u0440\u0442\u0435\u0444\u0430\u043a\u0442\u0430 \u0438\u0437 \u0434\u0440\u0443\u0433\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f Bitbucket - cbmp.txt \u0438 icon.txt, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u044e\u0442\u0441\u044f \u043a\u0430\u043a cn.dat \u0438 sp.dat \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e.\n\nService.dat \u0442\u0430\u043a\u0436\u0435 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0435\u0442 cn.dat \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0445\u043e\u0441\u0442\u0435, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0442\u0435\u0445\u043d\u0438\u043a\u0443 COM Hijacking, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0431\u044d\u043a\u0434\u043e\u0440 SpyGlace (sp.dat).\n\n\u0411\u044d\u043a\u0434\u043e\u0440, \u0441\u043e \u0441\u0432\u043e\u0435\u0439 \u0441\u0442\u043e\u0440\u043e\u043d\u044b, 
\u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u0441\u0432\u044f\u0437\u044c \u0441 \u04212 (103.187.26[.]176) \u0438 \u043e\u0436\u0438\u0434\u0430\u0435\u0442 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0438\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0439 \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0434\u0430\u043d\u043d\u044b\u0445, \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u0432 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u0421\u0442\u043e\u0438\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e Chuangyu 404 Lab \u0438 Positive Technologies \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e \u0434\u0440\u0443\u0433 \u043e\u0442 \u0434\u0440\u0443\u0433\u0430 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438 \u043e\u0431 \u0438\u0434\u0435\u043d\u0442\u0438\u0447\u043d\u044b\u0445 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f\u0445 \u0441\u043e SpyGlace, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u0432\u0435\u043b\u0438 \u0434\u043e\u0432\u043e\u0434\u044b, \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0449\u0438\u0435 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e APT-C-60 \u0438\u00a0APT-Q-12\u00a0(\u043e\u043d\u0430 \u0436\u0435 Pseudo Hunter) \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043f\u043e\u0434\u0433\u0440\u0443\u043f\u043f\u0430\u043c\u0438 \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u0440\u0443\u043f\u043d\u043e\u0433\u043e \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430 - DarkHotel.\n\n\u0418\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0438 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 
\u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 - \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2024-11-27T16:10:05.000000Z"}, {"uuid": "07f85712-a228-433a-8ed0-d602dbf55b3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3714", "content": "Tools - Hackers Factory \n\nThe tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.\n\nhttps://github.com/keywa7/keywa7\n\nA tool that allows you to search for vulnerable android devices across the world and exploit them.\n\nhttps://github.com/0x1CA3/AdbNet\n\nAndroid malware source code dataset collected from public resources.\n\nhttps://github.com/d-Raco/android-malware-source-code-samples\n\nNext-Level Reversing: Binary Ninja+TTD\n\nhttps://seeinglogic.com/posts/binary-ninja-ttd-intro/\n\n#Exploit\n\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\n\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\n\nhttps://github.com/mistymntncop/CVE-2024-5274\n\n#Threat_Research\n\n1. Analyse MSI files for vulnerabilities\n\nhttps://github.com/CICADA8-Research/MyMSIAnalyzer\n\n2. 
Analysis of two arbitrary code execution vulnerabilities affecting WPS Office (CVE-2024-7262/CVE-2024-7263)\n\nhttps://welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office\n\nDiscover Ashok, an OSINT reconnaissance tool with features like Wayback Machine crawling, unlimited Google Dorking, GitHub info grabber, subdomain finder and CMS/tech detection!\n\nhttps://github.com/powerexploit/Ashok\n\nBest list of top xss Polyglots to Bypass WAF's\n\nhttps://github.com/coffinsp/lostools/blob/coffin/xsspollygots.txt\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-08T06:28:46.000000Z"}, {"uuid": "75299359-c73c-4daa-8932-82d5c8b05308", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "exploited", "source": "https://t.me/thehackernews/5488", "content": "A South Korea-aligned cyber espionage group, APT-C-60, has exploited a critical flaw in Kingsoft WPS Office to deploy the SpyGlace backdoor. \n \nRead: https://thehackernews.com/2024/08/apt-c-60-group-exploit-wps-office-flaw.html \n \nEnsure your security teams are updated on CVE-2024-7262 and CVE-2024-7263.", "creation_timestamp": "2024-08-28T17:00:20.000000Z"}, {"uuid": "8e5ba31a-5893-446d-808d-af129e19aa40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "exploited", "source": "https://t.me/thehackernews/5957", "content": "APT-C-60 strikes again \u2013 this time with a targeted attack exploiting the WPS Office vulnerability (CVE-2024-7262) to deploy the SpyGlace backdoor. 
\n \nRead more about how this advanced attack works: https://thehackernews.com/2024/11/apt-c-60-exploits-wps-office.html", "creation_timestamp": "2024-11-27T12:24:45.000000Z"}, {"uuid": "25694b07-561f-4014-adc0-4c8e5f52a271", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "seen", "source": "https://t.me/InfoSecInsider/223", "content": "Tools - Hackers Factory \n\nThe tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.\n\nhttps://github.com/keywa7/keywa7\n\nA tool that allows you to search for vulnerable android devices across the world and exploit them.\n\nhttps://github.com/0x1CA3/AdbNet\n\nAndroid malware source code dataset collected from public resources.\n\nhttps://github.com/d-Raco/android-malware-source-code-samples\n\nNext-Level Reversing: Binary Ninja+TTD\n\nhttps://seeinglogic.com/posts/binary-ninja-ttd-intro/\n\n#Exploit\n\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\n\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\n\nhttps://github.com/mistymntncop/CVE-2024-5274\n\n#Threat_Research\n\n1. Analyse MSI files for vulnerabilities\n\nhttps://github.com/CICADA8-Research/MyMSIAnalyzer\n\n2. 
Analysis of two arbitrary code execution vulnerabilities affecting WPS Office (CVE-2024-7262/CVE-2024-7263)\n\nhttps://welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office\n\nDiscover Ashok, an OSINT reconnaissance tool with features like Wayback Machine crawling, unlimited Google Dorking, GitHub info grabber, subdomain finder and CMS/tech detection!\n\nhttps://github.com/powerexploit/Ashok\n\nBest list of top xss Polyglots to Bypass WAF's\n\nhttps://github.com/coffinsp/lostools/blob/coffin/xsspollygots.txt\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-08T06:29:06.000000Z"}, {"uuid": "07eb8d96-c1e8-460b-8bf2-43d7c3ab0c2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7262", "type": "seen", "source": "https://t.me/Rootsec_2/4319", "content": "#Threat_Research\n1. Analyse MSI files for vulnerabilities\nhttps://github.com/CICADA8-Research/MyMSIAnalyzer\n2. Analysis of two arbitrary code execution vulnerabilities affecting WPS Office (CVE-2024-7262/CVE-2024-7263)\nhttps://www.welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office", "creation_timestamp": "2024-09-01T04:26:06.000000Z"}]}