38 matches found
The Race Is on to Keep AI Agents From Running Wild With Your Credit Cards
AI agents may soon be buying your stuff for you. The FIDO Alliance has teamed up with Google and Mastercard to try to ensure that shopping in the near future isn't a complete disaster...
Malicious Package
Overview react-card-security-code is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.161-2.6.12.0.AXS4 (AXSA:2017-2469:04)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2469:04 advisory. Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to...
EUVD-2000-1158
Malware in sbrugna...
EUVD-2007-2632
Malware in sbrugna...
EUVD-2022-52569
Malicious code in bioql PyPI...
EUVD-2024-34545
Malicious code in bioql PyPI...
CVE-2025-8699
Some "Stored Value" Unattended Payment Solutions of KioSoft use vulnerable NFC cards. Attackers could potentially use this vulnerability to change the balance on the cards and generate money. The account balance is stored on an insecure MiFare Classic NFC card and can be read and written back. By...
CVE-2025-30124
An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. When a new SD card is inserted into the dashcam, the existing password is written onto the SD card in cleartext automatically. An attacker with temporary access to the dashcam can switch the SD card to steal this password...
MAL-2025-5050 Malicious code in react-card-security-code (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c1ee206260c832fcc9736dc58bdd69c339579082e7216fd531b76689c04730e5 Any computer that has this package installed or running should be considered...
CVE-2025-40650
Insecure Direct Object Reference IDOR vulnerability in Clickedu. This vulnerability could allow an attacker to retrieve information about student report cards...
CVE-2019-20473
An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. Any SIM card used with the device cannot have a PIN configured. If a PIN is configured, the device simply produces a "Remove PIN and restart!" message, and cannot be used. This makes it easier for an attacker to use...
Denial Of Service (DoS)
Kernel is vulnerable to denial of service DoS. The Radeon GPU drivers in the Linux kernel were missing sanity checks for the Anti Aliasing AA resolve register values which could allow a local, unprivileged user to cause a denial of service or escalate their privileges on systems using a graphics...
A week in security (February 25 – March 3)
Last week, we delved into the realm of K-12 schools and security, explored the world of compromised websites and Golang bruteforcers, and examined the possible realms of pay for privacy. We also looked at identity management solutions, Google’s Universal Read Gadget, and did the deepest of dives...
How to Shop Online Like a Security Pro
'Tis the season when even those who know a thing or two about Internet scams tend to let down their guard in the face of an eye-popping discount or the stress of last-minute holiday shopping. So here's a quick refresher course on how to make it through the next few weeks without getting snookered...
SHEIN-Fashion Shopping Site Suffers Data Breach Affecting 6.5 Million Users
U.S. online fashion retailer SHEIN has admitted that the company has suffered a significant data breach after unknown hackers stole personally identifiable information PII of almost 6.5 million customers. Based in North Brunswick and founded in 2008, SHEIN has become one of the largest online...
Buffer overflow
Several buffer overflows when handling responses from a Cryptoflex card in readpublickey in tools/cryptoflex-tool.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...
Many well-known hotel chains, high-end brand hotels there are serious security vulnerabilities, massive open room information stored in the disclosure risk-vulnerability warning-the black bar safety net
Well-known Inn orange, Jinjiang Inn, the super eight, pudding; high-end hotel the MARRIOTT Hotel Group, MARRIOTT, Ritz Carlton, Starwood group, Sheraton, Le Meridien, W Hotels, Intercontinental Hotel Group, Holiday Inn, etc there is a serious security breach, the tenant Open House information at ...
Anthem Data Breach Could Affect Millions of Consumers
Attackers have compromised Anthem Inc., one of the larger health-care companies in the United States, gaining access to the Social Security numbers, birth dates, names, employment and income data and other personal information of an untold number of customers. The company says it is not sure yet...
Hackers leak 13,000 Passwords Of Amazon, Walmart and Brazzers Users
Hackers claiming affiliation with the hacktivist group "Anonymous" have allegedly leaked more than 13,000 username and password combinations for some of the worlds most popular websites, including Amazon, Xbox Live and Playstation Network. The stolen personal information was released in a massive...