Cybersecurity researchers warn hackers are targeting users with outdated Office programs using an infostealing malware called Agent Tesla. A phishing campaign delivers an Excel document which uses a memory corruption weakness in outdated versions to download additional files. The Agent Tesla malware is described as an advanced keylogger and remote access trojan capable of harvesting information discreetly.
New Unauthenticated DoS Vulnerability Crashes Next.js Servers with a Single Request
A newly discovered critical vulnerability in the Next.js framework allows attackers to crash self-hosted servers using a single HTTP request, requiring negligible resources to execute.
