WordPress Mass Messaging in BuddyPress Plugin <= 2.2.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Mass Messaging in BuddyPress versions = 2.2.1...

Matrix 安全漏洞

Matrix is a new ecosystem of Matrix open source for open federated instant messaging and VoIP. A security vulnerability exists in Matrix that stems from uncontrolled disk consumption, resulting in a denial of service...

Git 安全漏洞

Git is a free, open-source distributed version control system open-sourced by Git. A security vulnerability exists in Git that stems from an unprotected ANSI escape sequence in sideband channel messaging, which can be exploited by malicious people to hide or distort information or mislead users...

The ‘Largest Illicit Online Marketplace’ Ever Is Growing at an Alarming Rate, Report Says

Huione Guarantee, a gray market researchers believe is central to the online scam ecosystem, now includes a messaging app, stablecoin, and crypto exchange—while facilitating $24 billion in transactions...

The new rules for AI and encrypted messaging, with Mallory Knodel (Lock and Code S06E01)

This week on the Lock and Code podcast … The era of artificial intelligence everything is here, and with it, come everyday surprises into exactly where the next AI tools might pop up. There are major corporations pushing customer support functions onto AI chatbots, Big Tech platforms offering AI...

The new rules for AI and encrypted messaging, with Mallory Knodel (Lock and Code S06E01)

This week on the Lock and Code podcast … The era of artificial intelligence everything is here, and with it, come everyday surprises into exactly where the next AI tools might pop up. There are major corporations pushing customer support functions onto AI chatbots, Big Tech platforms offering AI...

CVE-2023-27639

creationtimestamp| type| source ---|---|--- 2025-01-09 20:17:14+00:00| exploited| https://t.me/DarkWebInformerCVEAlerts/1056 2026-06-19 12:46:54+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/7004c6a5-8f2b-4862-88ba-c0ad72ee74bd 2026-06-23 14:04:05+00:00|...

PT-2024-36755 · Ssl Wireless · Ssl Wireless Sms Notification

Name of the Vulnerable Software and Affected Versions: SSL Wireless SMS Notification versions n/a through 3.5.0 Description: The issue is related to an Incorrect Privilege Assignment vulnerability in SSL Wireless SMS Notification, which allows Privilege Escalation. Recommendations: For versions n...

The vulnerability of Adobe Connect’s instant messaging program, related to deficiencies in access control, allows attackers to circumvent existing security restrictions and gain unauthorized access to protected information.

The vulnerability of Adobe Connect’s instant messaging service is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and gain unauthorized access to protected information...

IBM MQ Denial of Service Vulnerability (CNVD-2025-00308)

IBM MQ is a messaging middleware product from International Business Machines IBM. The product focuses on providing a reliable and proven messaging backbone for Service Oriented Architecture SOA. A denial of service vulnerability exists in IBM MQ versions 8.1.0 through 8.1.0.25, which stems from...

The vulnerability of Adobe Connect’s instant messaging program, related to the lack of protective measures for website structures, allows attackers to execute XSS attacks.

The vulnerability of the Adobe Connect instant messaging program relates to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute XSS attacks by injecting malicious scripts into form fields...

MAL-2024-12080 Malicious code in security-admin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4e96f0bbf94f55e5b85d255cf6cba166c4cf317c53beefb5911d773566a81f8f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-52897

IBM MQ 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned...

A week in security (December 9 &#8211; December 15)

Last week on Malwarebytes Labs: Encrypted messaging service intercepted, 2.3 million messages read by law enforcement TikTok ban in US: Company seeks emergency injunction to prevent it Data brokers should stop trading health and location data, new bill proposes Update now! Apple releases new...

[SECURITY] Fedora 40 Update: matrix-synapse-1.111.1-3.fc40

Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in...

[SECURITY] Fedora 41 Update: matrix-synapse-1.118.0-3.fc41

Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in...

The vulnerability of the NuPoint Unified Messaging component of the Mitel MiCollab collaboration platform allows attackers to execute SQL code through this attack.

The vulnerability of the NuPoint Unified Messaging component of the Mitel MiCollab collaboration platform relates to the lack of security measures for handling SQL queries. Exploiting this vulnerability allows an attacker to carry out an attack by injecting SQL code by sending a specially crafted...

The vulnerability of the NuPoint Unified Messaging component of the Mitel MiCollab collaboration platform allows a hacker to execute arbitrary commands.

The vulnerability of the NuPoint Unified Messaging component of the Mitel MiCollab collaboration platform is related to the lack of data cleaning measures at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using specially created data...

The vulnerability of the GroupMe mobile messaging app, related to insufficient validation of incoming requests, allows a hacker to elevate their privileges.

The vulnerability of the GroupMe mobile messaging app relates to insufficient validation of incoming requests. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...

CERT-UA Warns of Phishing Attacks Targeting Ukraine's Defense and Security Force

The Computer Emergency Response Team of Ukraine CERT-UA has warned of a new set of cyber attacks that it said were aimed at defense companies in the country as well as its security and defense forces. The phishing attacks have been attributed to a Russia-linked threat actor called UAC-0185 aka...