Firefox Fixes Critical 0day Vulnerability CVE-2024-9680 (CVSS Score: 9.8)
The Tor Project has released an emergency update for the Tor Browser (version 13.5.7) to address the CVE-2024-9680 vulnerability, which has been actively exploited in the wild.
“Exploiting this vulnerability allows attackers to control the Tor Browser, but it might not affect your anonymity on Tails,” it said. “Mozilla is aware that this attack is being used against Tor Browser users in the wild.”
On October 11, 2024, Mozilla stated in another post that it had received a sample from ESET containing a complete exploit chain that allows remote code execution. Mozilla also revealed that it released a fix within 25 hours of responsible disclosure.
Concerns Over the Complete Fix of the Firefox CVSS 9.8 0day Vulnerability
I don’t quite understand it. This CVE is a Use-After-Free (UAF) vulnerability in the animation timeline. It’s a CSS feature used to specify the progress of CSS animations.
I’ve tracked down the commit, which can be found here: https://t.co/N317ooKUaj
From my understanding, it appears that the animation was never actually removed (I might be completely wrong, I’m very tired and have had a few drinks). Interestingly, it seems to also affect scroll timeline animations.
iTunes 0day Privilege Escalation Vulnerability
A serious Local Privilege Escalation (LPE) vulnerability, CVE-2024-44193, has been discovered in iTunes version “12.13.2.3”. It was patched in the September update, and a proof of concept (PoC) has been published.
https://support.apple.com/en-us/121328
https://github.com/mbog14/CVE-2024-44193
Latest Chinese Virtual Currency User Database Leak, 1 Million Rows (September 2024)
Forum users commented that the data is quite old. It appears that the leak originated from a mobile app, highlighting the importance of not downloading random apps.
BlackBasta Ransomware Group Seeking to Purchase Windows RCE 0day for Attacks
This article is written by Duyan Intelligence.
I'm Carrie, a cybersecurity engineer and writer, working for SafeLine Team. SafeLine is an open source web application firewall, self-hosted, very easy to use.