168 matches found
EUVD-2021-13356
Malware in sbrugna...
EUVD-2019-18866
Malware in sbrugna...
EUVD-2020-28387
Malware in sbrugna...
EUVD-2024-54431
Malicious code in bioql PyPI...
EUVD-2023-26861
Malicious code in bioql PyPI...
EUVD-2024-32583
Malicious code in bioql PyPI...
Vietnamese Hackers Use Fake Copyright Notices to Spread Lone None Stealer
New Lone None Stealer uses Telegram C2 and DLL side-loading to grab passwords, credit cards, and crypto. Find out how to spot this highly evasive phishing scam...
Russian APT28 Deploys "NotDoor" Outlook Backdoor Against Companies in NATO Countries
The Russian state-sponsored hacking group tracked as APT28 has been attributed to a new Microsoft Outlook backdoor called NotDoor in attacks targeting multiple companies from different sectors in NATO member countries. NotDoor "is a VBA macro for Outlook designed to monitor incoming emails for a...
Under the Hood of BlotchyQuasar: DLL-Based RAT Campaigns against Latin America
A sophisticated malspam campaign was recently uncovered targeting Latin American countries, with a particular focus on Brazil. This operation utilizes a highly deceptive phishing email to trick users into executing a malicious MSI file, initiating a multi-stage infection. The core of the attack...
📄 RAD FT Dell Firmware A00-00 Privilege Escalation
RAD FT Firmware versions A00-00 Build WP0000051154 and prior are susceptible to a privilege escalation vulnerability due to a failure to properly filter the user-supplied input through the .NET Profiler. Exploit name: RAD FT Dell Firmware Download link:...
CVE-2019-17449
Avira Software Updater before 2.0.6.21094 allows a DLL side-loading attack. NOTE: The vendor thinks that this vulnerability is invalid because exploiting it would require at least administrator privileges and would gain only SYSTEM privileges...
CVE-2019-13208
WavesSysSvc in Waves MAXX Audio allows privilege escalation because the General registry key has Full Control access for the Users group, leading to DLL side loading. This affects WavesSysSvc64.exe 1.9.29.0...
CVE-2024-12530
Uncontrolled Search Path Element vulnerability in OpenText Secure Content Manager on Windows allows DLL Side-Loading.This issue affects Secure Content Manager: 23.4. End-users can potentially exploit the vulnerability to execute malicious code in the trusted context of the thick-client applicatio...
CVE-2024-12530
Uncontrolled Search Path Element vulnerability in OpenText Secure Content Manager on Windows allows DLL Side-Loading.This issue affects Secure Content Manager: 23.4. End-users can potentially exploit the vulnerability to execute malicious code in the trusted context of the thick-client applicatio...
CVE-2024-12530 Insecure Dynamic-Link Library (DLL) Load vulnerability
Uncontrolled Search Path Element vulnerability in OpenText Secure Content Manager on Windows allows DLL Side-Loading.This issue affects Secure Content Manager: 23.4. End-users can potentially exploit the vulnerability to execute malicious code in the trusted context of the thick-client applicatio...
CVE-2024-12530
CVE-2024-12530 affects OpenText Secure Content Manager (Windows), specifically version 23.4, due to an Uncontrolled Search Path Element that enables DLL side-loading. This can allow end users to execute malicious code in the trusted context of the thick-client. The issue is locally exploitable wi...
PT-2025-17020 · Opentext · Opentext Secure Content Manager
Name of the Vulnerable Software and Affected Versions: OpenText Secure Content Manager version 23.4 Description: The issue is related to an Uncontrolled Search Path Element vulnerability in OpenText Secure Content Manager on Windows, which allows DLL Side-Loading. This could potentially be...
ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading
Cybersecurity researchers have discovered a new, sophisticated remote access trojan called ResolverRAT that has been observed in attacks targeting healthcare and pharmaceutical sectors. "The threat actor leverages fear-based lures delivered via phishing emails, designed to pressure recipients int...
Cybercriminals Use Eclipse Jarsigner to Deploy XLoader Malware via ZIP Archives
A malware campaign distributing the XLoader malware has been observed using the DLL side-loading technique by making use of a legitimate application associated with the Eclipse Foundation. "The legitimate application used in the attack, jarsigner, is a file created during the installation of the...
RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset
An RA World ransomware attack in November 2024 targeting an unnamed Asian software and services company involved the use of a malicious tool exclusively used by China-based cyber espionage groups, raising the possibility that the threat actor may be moonlighting as a ransomware player in an...