Inside a fake Google security check that becomes a browser RAT

A website styled to resemble a Google Account security page is distributing what may be one of the most fully featured browser-based surveillance toolkits we have observed in the wild. Disguised as a routine security checkup, it walks victims through a four-step flow that grants the attacker push...

First Wap: A Surveillance Computer You’ve Never Heard Of

Mother Jones has a long article on surveillance arms manufacturers, their wares, and how they avoid export control laws: Operating from their base in Jakarta, where permissive export laws have allowed their surveillance business to flourish, First Wap's European founders and executives have quiet...

EUVD-2014-2744

Malware in sbrugna...

EUVD-2022-46483

Malicious code in bioql PyPI...

EUVD-2022-48313

Malicious code in bioql PyPI...

EUVD-2022-49520

Malicious code in bioql PyPI...

EUVD-2025-24249

Malicious code in bioql PyPI...

EUVD-2022-50161

Malicious code in bioql PyPI...

EUVD-2022-50659

Malicious code in bioql PyPI...

EUVD-2022-46456

Malicious code in bioql PyPI...

CVE-2025-40746

SIMATIC RTLS Locating Manager (versions prior to V3.2) contains an input validation issue in the backup script path that can be exploited by an authenticated remote attacker with high privileges to execute arbitrary code with SYSTEM privileges. Multiple connected sources (Red Hat CVE page, NVD en...

Siemens SIMATIC RTLS Locating Manager

SUMMARY SIMATIC RTLS Locating Manager Before V3.2 contains an improper input validation vulnerability that could allow an authenticated remote attacker to execute arbitrary code with high privileges. Siemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to...

Siemens 多款产品 安全漏洞

SIMATIC RTLS Locating Manager is used to configure, operate and maintain the SIMATIC RTLS unit, a real-time wireless positioning system that provides locating solutions. A security vulnerability exists in Siemens SIMATIC RTLS Locating Manager because the affected SIMATIC RTLS Locating Manager Tra...

CVE-2022-47917

Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to several modules and services of the software. This could allow an attacker to delete arbitrary files and cause a denial-of-service condition...

CVE-2022-47911

Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the backup services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system...

CVE-2022-43455

Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to the servicestart, servicestop, and servicerestart modules of the software. This could allow an attacker to start, stop, or restart arbitrary...

CVE-2022-47395

Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its monitor services. An attacker could take advantage of this vulnerability to execute arbitrary maintenance operations and cause a denial-of-service...

CVE-2022-46733

Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site scripting in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary commands...

CVE-2022-41989

Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 does not validate the length of RTLS report payloads during communication. This allows an attacker to send an exceedingly long payload, resulting in an out-of-bounds write to cause a denial-of-service...

Cross site scripting

Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site scripting in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary commands...