29 matches found
Weekly Recap: Outlook Add-Ins Hijack, 0-Day Patches, Wormable Botnet & AI Malware
This week’s recap shows how small gaps are turning into big entry points. Not always through new exploits, often through tools, add-ons, cloud setups, or workflows that people already trust and rarely question. Another signal: attackers are mixing old and new methods. Legacy botnet tactics, moder...
Outlook add-in goes rogue and steals 4,000 credentials and payment data
Researchers found a malicious Microsoft Outlook add-in which was able to steal 4,000 stolen Microsoft account credentials, credit card numbers, and banking security answers. How is it possible that the Microsoft Office Add-in Store ended listing an add-in that silently loaded a phishing kit insid...
First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials
Cybersecurity researchers have discovered what they said is the first known malicious Microsoft Outlook add-in detected in the wild. In this unusual supply chain attack detailed by Koi Security, an unknown attacker claimed the domain associated with a now-abandoned legitimate add-in to serve a fa...
EUVD-2020-4148
Malware in sbrugna...
EUVD-2019-7794
Malware in sbrugna...
EUVD-2018-10826
Malware in sbrugna...
EUVD-2023-49987
Malicious code in bioql PyPI...
CVE-2024-29209
A medium severity vulnerability has been identified in the update mechanism of the Phish Alert Button for Outlook, which could allow an attacker to remotely execute arbitrary code on the host machine. The vulnerability arises from the application's failure to securely verify the authenticity and...
CVE-2019-17390
An issue was discovered in the Outlook add-in in Pronestor Planner before 8.1.77. There is local privilege escalation in the Health Monitor service because PronestorHealthMonitor.exe access control is mishandled, aka PNB-2359...
CVE-2023-45698
Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not implementing appropriate protections in order to protect users from clickjacking attacks...
CVE-2023-45698
Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not implementing appropriate protections in order to protect users from clickjacking attacks...
Code injection
Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not implementing appropriate protections in order to protect users from clickjacking attacks...
CVE-2023-45698
CVE-2023-45698 affects the HCL Sametime Outlook add-in, with lack of clickjacking protections as the root cause. The CVSSv3.1 base score is 6.1 (Medium); attack vector: Network; user interaction required; confidentiality/integrity impact low, availability none. Connected sources confirm the issue...
CVE-2023-45698 HCL Sametime is impacted by clickjacking
Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not implementing appropriate protections in order to protect users from clickjacking attacks...
CVE-2023-45698 HCL Sametime is impacted by clickjacking
Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not implementing appropriate protections in order to protect users from clickjacking attacks...
MS Teams Outlook Add-in missing
MS Teams is installed on the Master Image MS Teams Outlook Add-in is visible on the Master Image session MS Teams Outlook Add-in is missing on the MCS/PVS VDAs...
Adobe Acrobat PDF Maker Outlook Add-in not working when elastically layered.
Outlook add-in not working for Adobe PDF Maker. Attempting use Adobe Acrobat Reader and Acrobat Pro with one on the base image and the other as an elastic layer...
September 30, 2021—KB5005611 (OS Builds 19041.1266, 19042.1266, and 19043.1266) Preview
September 30, 2021—KB5005611 OS Builds 19041.1266, 19042.1266, and 19043.1266 Preview 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. To view other notes and messages, see the Windows 10, version...
September 27, 2021—KB5005619 (OS Build 20348.261) Preview
September 27, 2021—KB5005619 OS Build 20348.261 Preview Improvements and fixes This non-security update includes quality improvements. Key changes include: Addresses an issue that might prevent users from opening phone apps that are pinned to the taskbar. This issue occurs after they update to th...
CVE-2020-11806
In MailStore Outlook Add-in and Email Archive Outlook Add-in through 12.1.2, the login process does not validate the validity of the certificate presented by the server...