VoidStealer: Debugging Chrome to Steal Its Secrets

VoidStealer is an emerging infostealer that employs a novel debugger-based Application-Bound Encryption (ABE) bypass technique. This method leverages hardware breakpoints to extract the v20_master_key directly from browser memory, requiring neither privilege escalation nor code injection. The technique involves attaching to the browser process as a debugger, setting breakpoints at strategic locations, and extracting the key when it's briefly present in plaintext. This approach offers a lower detection footprint compared to alternative bypass methods. The blog post dissects the technique step-by-step, from locating the target address for breakpoint placement to extracting the key. It also provides detection strategies for defenders, focusing on monitoring debugger attachments and suspicious browser memory reads.

Pulse ID: 69bd18a56a2163e596b86133
Pulse Link: https://otx.alienvault.com/pulse/69bd18a56a2163e596b86133
Pulse Author: AlienVault
Created: 2026-03-20 09:51:33

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Browser #Chrome #CodeInjection #CyberSecurity #Encryption #InfoSec #InfoStealer #OTX #OpenThreatExchange #RAT #bot #AlienVault

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange
🖥️ Ah yes, the delightful pastime of injecting code into #macOS for absolutely no gain whatsoever! 💸 The author, who simply cannot stop talking about his unrelated love for a Windows tool, generously shares a step-by-step guide on achieving... well, nothing relevant. 🎯 Spoiler: it's all #fun and games until your Mac says "Goodnight, and good luck!" 🌙
https://mariozechner.at/posts/2024-07-20-macos-code-injection-fun/ #coding #codeinjection #techhumor #softwaredevelopment #HackerNews #ngated
macOS code injection for fun and no profit

Fun little vacation project for fun and zero profit.

🚨 CVE-2026-27497 (CRITICAL, CVSS 9.4): n8n-io n8n code injection via Merge node's SQL query mode. Authenticated users can achieve RCE and write files. Upgrade to v2.10.1/2.9.3/1.123.22 now! https://radar.offseq.com/threat/cve-2026-27497-cwe-94-improper-control-of-generati-7583bd72 #OffSeq #n8n #CodeInjection #Infosec
WatchGuard Firebox: Critical vulnerabilities allow code injection and bypassing of protective measures

Ten vulnerabilities in WatchGuard Firebox firewalls put corporate networks at risk. Patches are available; immediate installation is strongly recommended.

All About Security: the online magazine on cybersecurity. Ransomware, phishing, IT security, network security, AI, threats, DDoS, identity & access, platform security

How can a Content Injection exploit destroy the community of a cult RTS game?

StarCraft: Brood War and its successor StarCraft 2 are icons of the RTS (real-time strategy) genre and among the most important computer games in history, which have enjoyed an active community and a professional e-sports scene for decades. However, StarCraft 2 currently faces serious problems that threaten its further development and the functioning of the game....

#WBiegu #Blizzard #CodeInjection #Haktywizm #Starcraft

https://sekurak.pl/w-jaki-sposob-exploit-typu-content-injection-moze-zniszczyc-spolecznosc-kultowej-gry-rts/

Sekurak
🚨 ALERT 🚨: Someone figured out that your precious #Dependabot can be manipulated like a sneaky teenager with an unlimited credit card! 🤦‍♂️ Congratulations, now bots can help hackers throw a party in your codebase complete with command injection fireworks. 🎉 Keep pretending your #AppSec is secure, it'll be fun!
https://boostsecurity.io/blog/weaponizing-dependabot-pwn-request-at-its-finest #Vulnerability #CodeInjection #SecurityAlerts #HackerNews #HackerNews #ngated
Weaponizing Dependabot: Pwn Request at its Finest

Learn how Dependabot can be co-opted to exploit some sensitive workflows, through the Confused Deputy Problem and branch name injections.

Developers and gamers, listen up! Hackers are now using trusted tools and platforms to sneak in malicious code and clever scams. How are your projects staying secure in this evolving threat landscape?

https://thedefendopsdiaries.com/the-evolving-threat-landscape-how-hackers-target-fellow-developers-and-gamers/

#cybersecurity
#infosectrends
#codeinjection
#socialengineering
#gamerssecurity

Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP.NET machine keys found online. #codeinjection #CyberAlerts https://www.bleepingcomputer.com/news/security/microsoft-says-attackers-use-exposed-aspnet-keys-to-deploy-malware/
Microsoft says attackers use exposed ASP.NET keys to deploy malware

BleepingComputer

A recent cybersecurity study revealed a sophisticated malware campaign targeting NuGet, a package manager for .NET applications. Attackers used homoglyphs, characters that look similar but have different codes (for example, the number '0' and the letter 'O', or the lowercase 'l' and the uppercase 'I'), to create fake packages that seemed legitimate but contained malicious code. They also employed IL weaving, a method that alters .NET binaries to insert harmful modules disguised as legitimate ones. This campaign involved around 60 packages and 290 versions, highlighting the need for increased vigilance in software supply chains.

https://thecyberexpress.com/homoglyphs-il-weaving-malicious-nuget-campaign/

#cybersecurity #NuGet #malware #homoglyphs #ILWeawing #malwarecampaign #DotNet #CodeInjection #SecurityResearch

Malicious NuGet Packages Hidden With Homoglyphs and IL Weaving

A sophisticated malware campaign targeting the NuGet package manager employed advanced techniques such as homoglyphs and IL weaving to evade detection.

The Cyber Express