Lucene search
K

9 matches found

HackRead
HackRead
added 2026/05/15 10:30 a.m.20 views

CalPhishing Scam Uses EvilTokens Kit, Outlook Invites to Steal M365 Sessions

Hackers are exploiting Outlook calendar invites and device code phishing to steal M365 session tokens, bypass MFA and breach enterprise accounts...

5.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/21 3:28 p.m.32 views

Fake calendar invites are spreading. Here’s how to remove them and prevent more

We’re seeing a surge in phishing calendar invites that users can’t delete, or that keep coming back because they sync across devices. The good news is you can remove them and block future spam by changing a few settings. Most of these unwanted calendar entries are there for phishing purposes. Mos...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-18909

Malware in sbrugna...

6.1CVSS6.3AI score0.02186EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/02/04 12:0 a.m.1 views

PT-2024-18197 · Microsoft · Outlook

Name of the Vulnerable Software and Affected Versions: Microsoft Outlook affected versions not specified Description: A critical issue in the calendar feature of Microsoft Outlook exposes Windows login credentials to remote theft. To protect against this, enabling multi-factor authentication is...

7.3AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/12/12 12:0 a.m.4 views

PT-2023-7682 · Microsoft · Outlook

Name of the Vulnerable Software and Affected Versions: Microsoft Outlook affected versions not specified Description: The issue is related to the calendar sharing function in Microsoft Outlook, which can be exploited to access NT LAN Manager NTLM v2 hashed passwords. Attackers can steal NTLM...

7.8CVSS9.5AI score0.17559EPSS
Exploits1References81
Microsoft KB
Microsoft KB
added 2020/07/07 12:0 a.m.5 views

July 7, 2020, update for Office 2016 (KB4484174)

July 7, 2020, update for Office 2016 KB4484174 This article describes update 4484174 for Microsoft Office 2016 that was released on July 7, 2020.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply to Offi...

6.3AI score
Exploits0
Microsoft KB
Microsoft KB
added 2019/02/12 8:0 a.m.39 views

Description of the security update for Office 2016: February 12, 2019

Description of the security update for Office 2016: February 12, 2019 Summary This security update resolves a security feature bypass vulnerability that exists when Microsoft Office does not validate URLs. To learn more about this vulnerability, see Microsoft Common Vulnerabilities and Exposures...

5.5CVSS5.5AI score0.12783EPSS
Exploits0
OSV
OSV
added 2017/11/27 10:29 a.m.4 views

CVE-2017-16962

The WebMail components Crystal, pronto, and pronto4 in CommuniGate Pro before 6.2.1 have stored XSS vulnerabilities via 1 the location or details field of a Google Calendar invitation, 2 a crafted Outlook.com calendar aka Hotmail Calendar invitation, 3 e-mail granting access to a directory that h...

6.1CVSS5.8AI score0.02186EPSS
Exploits1References2
hackapp
hackapp
added 2016/04/01 8:51 a.m.13 views

Outlook Calendar Transfer Full - Base64 encoded String, Exported components, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application Outlook Calendar Transfer Full published at the 'play' market has multiple vulnerabilities...

0.4AI score
Exploits0References1Affected Software1
Rows per page
Query Builder