Lucene search
K

16 matches found

Wired Threat Level
Wired Threat Level
added 2026/02/04 7:52 p.m.8 views

Notepad++ Users, You May Have Been Hacked by China

Suspected Chinese state-backed hackers hijacked the Notepad++ update infrastructure to deliver a backdoored version of the popular free source code editor and note-taking app for Windows...

5.5AI score
Exploits0
CISA
CISA
added 2025/12/04 12:0 p.m.22 views

PRC State-Sponsored Actors Use BRICKSTORM Malware Across Public Sector and Information Technology Systems

The Cybersecurity and Infrastructure Security Agency CISA is aware of ongoing intrusions by People’s Republic of China PRC state-sponsored cyber actors using BRICKSTORM malware for long-term persistence on victim systems. BRICKSTORM is a sophisticated backdoor for VMware vSphere1,2 and Windows...

6.6AI score
Exploits0References10
CISA
CISA
added 2025/08/27 12:0 p.m.7 views

CISA and Partners Release Joint Advisory on Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage Systems

CISA, along with the National Security Agency, Federal Bureau of Investigation, and international partners, released a joint Cybersecurity Advisory on People’s Republic of China PRC state-sponsored Advanced Persistent Threat APT actors targeting critical infrastructure across sectors and continen...

7.7AI score
Exploits0References3
GithubExploit
GithubExploit
added 2025/08/15 3:45 p.m.106 views

Exploit for Unrestricted Upload of File with Dangerous Type in Sap Netweaver

The SUPERGROUP known as Scattered Lapsus$ Hunters - A combin...

10CVSS9.2AI score0.99359EPSS
Exploits18
The Hacker News
The Hacker News
added 2020/09/15 9:14 a.m.4 views

CISA: Chinese Hackers Exploiting Unpatched Devices to Target U.S. Agencies

The US Cybersecurity and Infrastructure Security Agency CISA issued a new advisory on Monday about a wave of cyberattacks carried by Chinese nation-state actors targeting US government agencies and private entities. "CISA has observed Chinese Ministry of State Security-affiliated cyber threat...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/08/04 8:32 a.m.5 views

US Government Warns of a New Strain of Chinese 'Taidoor' Virus

Intelligence agencies in the US have released information about a new variant of 12-year-old computer virus used by China's state-sponsored hackers targeting governments, corporations, and think tanks. Named "Taidoor, " the malware has done an 'excellent' job of compromising systems as early as...

5.8AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2020/07/14 12:0 a.m.238 views

CVE-2020-1350 Windows DNS Server Remote Code Execution (SigRed)

A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka ‘Windows DNS Server Remote Code Execution Vulnerability’. Recent assessments: gwillcox-r7 at July 14, 2020 6:11pm UTC reported: Important Update: This is now supposed...

10CVSS9.7AI score0.92178EPSS
In wildExploits21References8
ATTACKERKB
ATTACKERKB
added 2020/02/01 12:0 a.m.83 views

CVE-2020-8515

DrayTek Vigor2960 1.3.1Beta, Vigor3900 1.4.4Beta, and Vigor300B 1.3.3Beta, 1.4.2.1Beta, and 1.4.4Beta devices allow remote code execution as root without authentication via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1. Recent...

10CVSS9.7AI score0.99993EPSS
In wildExploits7References5
ATTACKERKB
ATTACKERKB
added 2019/07/31 12:0 a.m.99 views

CVE-2019-10189

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same assignment. Recent assessments: gwillcox-r7 at October 20, 2020 6:57pm UTC reported: This is now supposedly being exploited in the wild by...

4.3CVSS1.6AI score0.00888EPSS
In wildExploits0References4
ATTACKERKB
ATTACKERKB
added 2019/06/12 12:0 a.m.139 views

CVE-2019-1040

A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC Message Integrity Check protection, aka ‘Windows NTLM Tampering Vulnerability’. Recent assessments: gwillcox-r7 at October 20, 2020 6:01pm UTC reported: This is now...

5.9CVSS6.7AI score0.48043EPSS
In wildExploits6References2
ATTACKERKB
ATTACKERKB
added 2019/06/03 12:0 a.m.46 views

CVE-2019-11580

Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits...

9.8CVSS9.7AI score0.95355EPSS
In wildExploits6References4
ATTACKERKB
ATTACKERKB
added 2019/04/09 12:0 a.m.76 views

CVE-2019-0803

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka ‘Win32k Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-0685, CVE-2019-0859. Recent assessments: gwillcox-r7 at October 20, 2020 7:06pm UT...

7.8CVSS8.4AI score0.4523EPSS
In wildExploits28References4
ATTACKERKB
ATTACKERKB
added 2019/03/25 12:0 a.m.56 views

CVE-2019-3396

The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 the fixed version for 6.6.x, from version 6.7.0 before 6.12.3 the fixed version for 6.12.x, from version 6.13.0 before 6.13.3 the fixed version for 6.13.x, and from version 6.14.0 before 6.14.2 the fixed version for...

10CVSS9.8AI score0.99913EPSS
In wildExploits20References7
ATTACKERKB
ATTACKERKB
added 2018/02/08 12:0 a.m.105 views

CVE-2018-6789

An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely. Recent assessments: gwillcox-r7 at October 20, 2020 6:46pm UTC reported: This is now supposedly...

9.8CVSS9.7AI score0.82238EPSS
In wildExploits19References19
ATTACKERKB
ATTACKERKB
added 2017/08/11 12:0 a.m.48 views

CVE-2017-6327

The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process. In this type of occurrence, after gaining access to t...

8.8CVSS8.9AI score0.35341EPSS
In wildExploits7References6
ATTACKERKB
ATTACKERKB
added 2015/11/18 12:0 a.m.377 views

CVE-2015-4852

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to...

9.8CVSS8.6AI score0.96032EPSS
In wildExploits17References18
Rows per page
Query Builder