94 matches found
EUVD-2013-4378
Malware in sbrugna...
EUVD-2021-18240
Malware in sbrugna...
EUVD-2013-4640
Malware in sbrugna...
EUVD-2014-4926
Malware in sbrugna...
EUVD-2011-4246
Malware in sbrugna...
EUVD-2019-0044
Malware in sbrugna...
EUVD-2014-4927
Malware in sbrugna...
EUVD-2014-0016
Malware in sbrugna...
EUVD-2013-4289
Malware in sbrugna...
EUVD-2022-2789
Malicious code in bioql PyPI...
CVE-2021-31330
A Cross-Site Scripting (XSS) vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and earlier. An authenticated attacker may inject malicious JavaScript code when using Markdown editing within the application which remains persistent...
On the Feasibility of Using MultiModal LLMs to Execute AR Social Engineering Attacks
Augmented Reality (AR) and Multimodal Large Language Models (LLMs) are rapidly evolving, providing unprecedented capabilities for human-computer interaction. However, their integration introduces a new attack surface for social engineering. In this paper, we systematically investigate the feasibility...
A Tumultuous Week for Federal Cybersecurity Efforts
President Trump last week issued a flurry of executive orders that upended a number of government initiatives focused on improving the nation's cybersecurity posture. The president fired all advisors from the Department of Homeland Security's Cyber Safety Review...
Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review
The new Trump administration has terminated all memberships of advisory committees that report to the Department of Homeland Security (DHS). "In alignment with the Department of Homeland Security's (DHS) commitment to eliminating the misuse of resources and ensuring that DHS activities prioritize our...
On the Cyber Safety Review Board
When an airplane crashes, impartial investigatory bodies leap into action, empowered by law to unearth what happened and why. But there is no such empowered and impartial body to investigate CrowdStrike's faulty update that recently unfolded, ensnarling banks, airlines, and emergency services to t...
BIT-REVIEWBOARD-2021-31330
A Cross-Site Scripting (XSS) vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and earlier. An authenticated attacker may inject malicious JavaScript code when using Markdown editing within the application which remains persistent...
Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations
Iranian state-sponsored actors are leaving no stone unturned to exploit unpatched systems running Log4j to target Israeli entities, indicating the vulnerability's long tail for remediation. Microsoft attributed the latest set of activities to the umbrella threat group tracked as MuddyWater aka...
Review Board Cross-site scripting (XSS) vulnerability in the reviews dropdown
Cross-site scripting (XSS) vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arbitrary web script or HTML via a full name...
GHSA-6G7X-4C7M-G63M Review Board Cross-site scripting (XSS) vulnerability in the reviews dropdown
Cross-site scripting (XSS) vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arbitrary web script or HTML via a full name...
GHSA-W7RQ-8F2G-JVQR Djblets Cross-site scripting Vulnerability via JSON Objects
A cross-site scripting (XSS) vulnerability in util/templatetags/djblets_js.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django, as used in Review Board, allows remote attackers to inject arbitrary web script or HTML via a JSON object, as demonstrated by the name field when changing a user...