Threat Advisories

Deserialization of untrusted data by Fastjson library leads to RCE

June 20, 2022

Threat Level

Red

Vulnerability Report

For a detailed advisory, download the pdf file here

Summary

Applications using the Fastjson java library are impacted by remote code execution vulnerability.

GALLIUM targets Telecommunications sector using new PingPull tool

Iranian APT targets Middle East’s Energy & Telecommunications industry