8 matches found
Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access
Microsoft Threat Intelligence has identified an active multi-stage intrusion campaign targeting organizations in the hospitality and hotel industry since April 2026. We’ve observed this...
EUVD-2026-24537
WWBN AVideo is an open source video platform. In versions 29.0 and below, the isSSRFSafeURL function in objects/functions.php contains a same-domain short-circuit (lines 4290-4296) that allows any URL whose hostname matches webSiteRootURL to bypass all SSRF protections. Because the check compares on...
CVE-2026-28677 OpenSift: Insufficient URL destination restrictions in ingest flow could enable SSRF-style internal access
OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, the URL ingest pipeline accepted user-controlled remote URLs with incomplete destination restrictions. Although private/local host checks existed, missing...
PT-2022-11089 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 8.4 through 14.4.4; GitLab CE/EE versions 14.5.0 through 14.5.2; GitLab CE/EE versions 14.6.0 through 14.6.1. Description: The issue concerns a server-side request forgery protection failure in GitLab CE/EE. This failure...
Multiple Cisco Products Privilege License and Access Control Issues Vulnerability (CNVD-2020-00298)
Cisco Firepower Management Center (FMC) and related products are made by the US company Cisco. Cisco Firepower Management Center is next-generation firewall management center software. Cisco Firepower Threat Defense (FTD) is a set of unified software to provide next-generation firewal...
A vulnerability in the components responsible for checking microprogramming software-based network interface controllers in Cisco Firepower Threat Defense, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center network management software allows attackers to bypass the configured content filters and compromise the integrity of the protected information.
The vulnerability in the components responsible for detecting protocols in Microprogrammable Network Interface Cards from Cisco Firepower Threat Defense, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center software arises due to errors in detecting initial protocol...
PT-2019-3169 · Cisco · Cisco Firepower Services Software For Asa +2
Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense Software (affected versions not specified); Cisco FirePOWER Services Software for ASA (affected versions not specified); Cisco Firepower Management Center Software (affected versions not specified). Description: A...
SquirrelMail: Mail Fetch plugin -- port-scans via non-standard POP3 server ports
The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number...