A critical 0-day vulnerability (CVE-2024-34331) in Parallels Desktop allows local attackers to escalate privileges to root-level on macOS. All versions, including 20.2.1, are affected due to insufficient security in the macOS installer repackaging subsystem. Researchers revealed exploit techniques, urging immediate mitigation measures until an official patch is released. Active exploitation is expected.
Chinese hackers evade ESET with MAVInject.exe
Chinese hacking group Earth Preta has been found using a novel technique to bypass antivirus software using a valid Microsoft tool, MAVInject.exe. The group’s malware
