EUVD-2025-25917

Malicious code in bioql PyPI...

CVE-2025-58218

CVE-2025-58218 describes a Deserialization of Untrusted Data vulnerability in the WordPress plugin Small Package Quotes – USPS Edition (enituretechnology) affecting versions n/a through 1.3.9. The issue is described as PHP Object Injection via untrusted data deserialization, leading to potential ...

CVE-2025-58218 WordPress Small Package Quotes – USPS Edition Plugin <= 1.3.9 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in enituretechnology Small Package Quotes – USPS Edition small-package-quotes-usps-edition allows Object Injection.This issue affects Small Package Quotes – USPS Edition: from n/a through = 1.3.9...

WordPress USPS Shipping for WooCommerce – Live Rates plugin <= 1.9.4 - Sensitive Data Exposure via Log File vulnerability

Sensitive Data Exposure via Log File vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin USPS Shipping for WooCommerce – Live Rates versions = 1.9.4...

WordPress USPS Shipping for WooCommerce plugin <= 1.9.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin USPS Shipping for WooCommerce – Live Rates versions = 1.9.2...

New iMessage Phishing Campaign Targets Postal Service Users Globally

By Waqas Some of the known targets of this iMessage phishing campaign are USPS the United States Postal Service, DHL, Evri, Australia Post, Bulgarian Posts, and Singapore Post. This is a post from HackRead.com Read the original post: New iMessage Phishing Campaign Targets Postal Service Users...

Chinese PostalFurious Gang Strikes UAE Users with Sneaky SMS Phishing Scheme

A Chinese-speaking phishing gang dubbed PostalFurious has been linked to a new SMS campaign that's targeting users in the U.A.E. by masquerading as postal services and toll operators, per Group-IB. The fraudulent scheme entails sending users bogus text messages asking them to pay a vehicle trip f...

US Postal Service Files Blockchain Voting Patent

The US Postal Service has filed a patent on a blockchain voting method: Abstract: A voting system can use the security of blockchain and the mail to provide a reliable voting system. A registered voter receives a computer readable code in the mail and confirms identity and confirms correct ballot...

US Postal Service Files Blockchain Voting Patent

The US Postal Service has filed a patent on a blockchain voting method: Abstract: A voting system can use the security of blockchain and the mail to provide a reliable voting system. A registered voter receives a computer readable code in the mail and confirms identity and confirms correct ballot...

US Postal Service Files Blockchain Voting Patent

The US Postal Service has filed a patent on a blockchain voting method: Abstract: A voting system can use the security of blockchain and the mail to provide a reliable voting system. A registered voter receives a computer readable code in the mail and confirms identity and confirms correct ballot...

FakeSpy Android Malware Spread Via ‘Postal-Service’ Apps

Android mobile device users are being targeted in a new SMS phishing campaign that’s spreading the FakeSpy infostealer. The malware, which is disguised as legitimate global postal-service apps, steals SMS messages, financial data and more from the victims’ devices. The campaign was first discover...

The Postal Service's Surprising Role in Surviving Doomsday

The little-known Postal Plan, which dates back to the Clinton era, charges mail carriers with delivering critical supplies—like vaccines—as a last resort...

US Postal Service Left 60 Million Users Data Exposed For Over a Year

The United States Postal Service has patched a critical security vulnerability that exposed the data of more than 60 million customers to anyone who has an account at the USPS.com website. The U.S.P.S. is an independent agency of the American federal government responsible for providing postal...

Maliciously Changing Someone's Address

Someone changed the address of UPS corporate headquarters to his own apartment in Chicago. The company discovered it three months later. The problem, of course, is that in the US there isn't any authentication of change-of-address submissions: According to the Postal Service, nearly 37 million...

Secret Service Warns of Chip Card Scheme

The U.S. Secret Service is warning financial institutions about a new scam involving the temporary theft of chip-based debit cards issued to large corporations. In this scheme, the fraudsters intercept new debit cards in the mail and replace the chips on the cards with chips from old cards. When...

USPS ‘Informed Delivery’ Is Stalker’s Dream

A free new service from the U.S. Postal Service that provides scanned images of incoming mail before it is slated to arrive at its destination address is raising eyebrows among security experts who worry about the service's potential for misuse by private investigators, identity thieves, stalkers...

Anthem Data Breach — 6 Things You Need To Know

The Nation’s second largest Health insurer company, Anthem, alerted its customers on Wednesday that hackers had stolen the personal information of over 80 Millions of its customers, making it the largest data breach and double the number of payment cards affected by Target data breach occurred in...

FTC Releases "Package Delivery" Themed Scam Alert

The Federal Trade Commission FTC has released a Scam Alert addressing a "Package Delivery" themed phishing campaign regarding package delivery notifications from the U.S. Postal Service. Scam operators often use false information linked to reputable organizations to imply the email is legitimate...

Chinese Attackers Hack NOAA's Systems

Systems belonging to the National Oceanic and Atmospheric Administration NOAA were recently compromised, purportedly by Chinese hackers. The NOAA confirmed that four of the scientific agency’s websites were targeted and compromised in an “internet-sourced attack” earlier this fall, in a statement...

New Phishing attack targets Italian Postal and Financial service again

A phishing attack is a complex combination of technology and psychology. There are numerous ways in which people are being made fools and they can be conned by hitting on unsecured website links. Sophos experts detected this week an intriguing case of phishing against the Italian postal service...