Hackers executed a sophisticated supply chain attack on AV Solutions (JAVS), a Kentucky-based provider of software for recording critical meetings, including city council sessions. They replaced the legitimate JAVS software with a backdoored version signed with a valid certificate from another company. The malicious version, containing a backdoor that deactivates antimalware controls and steals credentials, has been designated CVE-2024-4978 by CISA.
In other words, mfs are BUGGIN
