appsec.fyi · Sources

malwarebytes.com

5 curated AppSec resources from malwarebytes.com across 4 topics on appsec.fyi.

malwarebytes.com

Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2026-07-14.

Date Added Resource Excerpt
2026-07-14 2026Ghostcommit attack hides malicious AI instructions in imagesAIA novel attack, dubbed "Ghostcommit," allows attackers to hide malicious Artificial Intelligence (AI) instructions within image files. This technique leverages steganography, embedding secret code in visually imperceptible ways. The embedded instructions can then be executed by AI models processing these images, potentially leading to compromised data, model manipulation, or unauthorized actions. This represents a significant new threat vector for AI security, as malicious commands can be disguised as ordinary image data.
2026-07-03 2026WinRAR flaw could allow attackers to take control of your computerRCEWriteup on CVE-2026-14191, a WinRAR vulnerability allowing remote code execution via crafted RAR5 recovery-volume (.rev) files. This bug, similar to CVE-2023-40477, exploits how WinRAR handles these repair files to write data outside allocated memory, potentially enabling attackers to run malicious code. The advisory urges users to manually update WinRAR to version 7.23, as automatic updates are not supported, and highlights the risk posed by the lack of timely updates, referencing past exploitation of similar WinRAR flaws by state-aligned groups.
2026-05-30 2026700 education and tech websites hijacked in huge ClickFix malware campaignSQLiAnalysis of CVE‑2026‑26980, a critical SQL injection vulnerability affecting Ghost CMS versions 3.24.0 through 6.19.0, details how attackers exploited this flaw to hijack over 700 websites. The vulnerability allowed for the theft of administrative API keys, enabling attackers to inject JavaScript that presented fake Cloudflare or CAPTCHA verification dialogs, tricking visitors into running Windows commands to install malware through ClickFix attacks.
2026-05-22 2026Update Chrome now: Critical bugs could let attackers run codeRCEVulnerabilities in Chrome's WebRTC and UI allow remote code execution and UI spoofing. CVE-2026-9111, a use-after-free vulnerability in WebRTC, enables arbitrary code execution on Linux via a crafted HTML page. CVE-2026-9110, an inappropriate UI implementation on Windows, permits UI spoofing by an attacker who has compromised the renderer process. Updates to Chrome stable versions 148.0.7778.178/179 are available.
2026-04-02 2026Axios supply chain attack chops away at npm trustSupply ChainWriteup on the Axios supply chain attack, detailing how compromised credentials led to malicious versions of axios (axios@1.14.1, axios@0.30.4) and a malicious dependency (plain-crypto-js@4.2.1) being published to npm. These versions inject a Remote Access Trojan (RAT) via a post-install script, potentially exposing secrets and leading to full machine compromise. Indicators of compromise include specific domains, IP addresses, and temporary file paths on affected operating systems.