U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

vBulletin security patches and zero-day exploit available online

Rumors on the Internet says that the hackers who breached vBulletin forum website exploited a zero-day flaw, the company issued emergency security patches. On Sunday, the vBulletin official website has been hacked, according to DataBreaches.net, vBulletin, Foxit Software forums have been hacked by Coldzer0 that has stolen hundreds of thousands of users’ records. The hacker published screenshots […]

vBulletin security patches and zero-day exploit available online

Rumors on the Internet says that the hackers who breached vBulletin forum website exploited a zero-day flaw, the company issued emergency security patches.

On Sunday, the vBulletin official website has been hacked, according to DataBreaches.net, vBulletin, Foxit Software forums have been hacked by Coldzer0 that has stolen hundreds of thousands of users’ records.

The hacker published screenshots that show he managed to upload a shell to the vBulletin forum website and accessed user personal information, including user IDs, names, email addresses, security questions and answers, and password salts).

In response to the attack, VBulletin Solutions has reset the passwords for over 300,000 accounts on the official website, and The vBulletin technical support has released an emergency security patch release for versions 5.1.4 through 5.1.9 of the vBulletin Internet forum software.

“Very recently, our security team discovered a sophisticated attack on our network. Our investigation indicates that the attacker may have accessed customer IDs and encrypted passwords on our systems,” explained a vBulletin support manager.

It’s not clear if the patches were released because the attacker exploited a zero-day flaw in the platform, the hacker in fact claimed to have compromised the vBulletin.com database exploiting an unknown vulnerability. On Monday, the hacker using the online moniker “Coldzer0” started offering for sale a zero-day vBulletin exploit (“vBulletin 5.x.x Remote Code Execution 0day Exploit”) on a website that specializes in the exploit trading.

Tuesday, after vBulletin released the security patches, a the Twitter account @_cutz published the details of a remote code execution flaw in vBulletin. The experts speculate the existence of the flaw for the past three years.

vBulletin zero-day

The offer also includes a video POC of the vBulleting zero-day Exploit:

https://youtu.be/5x4upULiQ4s

 

vBulletin is a very popular platform, it is used by more than 100,000 community websites, including some operated by Electronic Arts, Sony Pictures and Valve Corporation.

VBulletin is urging all users to update their installations as soon as possible.

Pierluigi Paganini

(Security Affairs – vBulletin forum, hacking)