3059 matches found
Photon OS 5.0: Powershell PHSA-2025-5.0-0577
An update of the powershell package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0577. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Exploit for Improper Restriction of XML External Entity Reference in Sysaid
From-EternalBlue-to-CVE-2025-2776-The-Evolution-of-an-SMB-Atta...
Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names
Cybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to reuse names of previously removed extensions. Software supply chain security outfit ReversingLabs said it made the discovery after it identified a malicious extension named...
Linux Distros Unpatched Vulnerability : CVE-2022-39327
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Azure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40.0, Azure CLI contains a vulnerability for potential code injection...
Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages
Threat actors have been observed leveraging the deceptive social engineering tactic known as ClickFix to deploy a versatile backdoor codenamed CORNFLAKE.V3. Google-owned Mandiant described the activity, which it tracks as UNC5518, as part of an access-as-a-service scheme that employs fake CAPTCHA...
Think before you Click(Fix): Analyzing the ClickFix social engineering technique
Over the past year, Microsoft Threat Intelligence and Microsoft Defender Experts have observed the ClickFix social engineering technique growing in popularity, with campaigns targeting thousands of enterprise and end-user devices globally every day. Since early 2024, we’ve helped multiple custome...
Exploit for Path Traversal in Rarlab Winrar
CVE-2025-8088 WinRAR: WinRAR path traversal allowing arbit...
CVE-2025-9016
A vulnerability was identified in Mechrevo Control Center GX V2 5.56.51.48. This affects an unknown part of the file C:\Program Files\OEM\机械革命控制中心\AiStoneService\MyControlCenter\Command of the component Powershell Script Handler. The manipulation leads to uncontrolled search path. Local access is...
Russian Group EncryptHub Exploits MSC EvilTwin Vulnerability to Deploy Fickle Stealer Malware
The threat actor known as EncryptHub is continuing to exploit a now-patched security flaw impacting Microsoft Windows to deliver malicious payloads. Trustwave SpiderLabs said it recently observed an EncryptHub campaign that brings together social engineering and the exploitation of a vulnerabilit...
CVE-2025-9016
A vulnerability was identified in Mechrevo Control Center GX V2 5.56.51.48. This affects an unknown part of the file C:\Program Files\OEM\机械革命控制中心\AiStoneService\MyControlCenter\Command of the component Powershell Script Handler. The manipulation leads to uncontrolled search path. Local access is...
CVE-2025-9016
A vulnerability was identified in Mechrevo Control Center GX V2 5.56.51.48. This affects an unknown part of the file C:\Program Files\OEM\机械革命控制中心\AiStoneService\MyControlCenter\Command of the component Powershell Script Handler. The manipulation leads to uncontrolled search path. Local access is...
CVE-2025-9016 Mechrevo Control Center GX V2 Powershell Script Command uncontrolled search path
A vulnerability was identified in Mechrevo Control Center GX V2 5.56.51.48. This affects an unknown part of the file C:\Program Files\OEM\机械革命控制中心\AiStoneService\MyControlCenter\Command of the component Powershell Script Handler. The manipulation leads to uncontrolled search path. Local access is...
CVE-2025-9016 Mechrevo Control Center GX V2 Powershell Script Command uncontrolled search path
A vulnerability was identified in Mechrevo Control Center GX V2 5.56.51.48. This affects an unknown part of the file C:\Program Files\OEM\机械革命控制中心\AiStoneService\MyControlCenter\Command of the component Powershell Script Handler. The manipulation leads to uncontrolled search path. Local access is...
CVE-2025-9016
CVE-2025-9016 concerns Mechrevo Control Center GX V2 (version 5.56.51.48). The vulnerability arises in the Powershell Script Handler component, specifically the file path C:\Program Files\OEM\机械革命控制中心\AiStoneService\MyControlCenter\Command, where an uncontrolled search path condition is reported....
Mechrevo Control Center GX V2 安全漏洞
Mechrevo Control Center GX V2 is a system level control software from China-based Mechrevo. A security vulnerability exists in Mechrevo Control Center GX V2 version 5.56.51.48, which originates from an uncontrolled search path in the component Powershell Script Handler...
PT-2025-33449 · Unknown · Mechrevo Control Center Gx V2
Name of the Vulnerable Software and Affected Versions: Mechrevo Control Center GX V2 version 5.56.51.48 Description: A vulnerability was identified that leads to an uncontrolled search path within the Powershell Script Handler component. The vulnerability affects the file C:Program...
Malicious code in vsts-powershell-task (npm)
The package communicates with a domain associated with malicious activity...
Powershell Exec
Execute an x64 payload from a command via PowerShell Module Options msf use payload/cmd/windows/powershell/x64/downloadexec msf payloaddownloadexec show actions ...actions... msf payloaddownloadexec set ACTION msf payloaddownloadexec show options ...show and set options... msf payloaddownloadexec...
New PS1Bot Malware Campaign Uses Malvertising to Deploy Multi-Stage In-Memory Attacks
Cybersecurity researchers have discovered a new malvertising campaign that's designed to infect victims with a multi-stage malware framework called PS1Bot. "PS1Bot features a modular design, with several modules delivered used to perform a variety of malicious activities on infected systems,...
Microsoft Windows - Storage QoS Filter Driver Checker
Titles: Microsoft Windows - Storage QoS Filter Driver Checker Author: nu11secur1ty Date: 08/04/2025 Vendor: Microsoft Software: https://www.microsoft.com/en-us/software-download/windows11 Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49730 Description This PowerShell...