135 matches found
Ransomware Negotiator Gets 70 Months in Prison for Aiding BlackCat Attacks
A 41-year-old former ransomware negotiator has been sentenced to nearly six years i.e., 70 months in prison in the U.S. for their role in conspiring with the now-defunct BlackCat ransomware operators to extort multiple victims and working with two other cybersecurity professionals to target...
Malicious code in ryan-pdf-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3d966501b5f533318c26b54887cd29b3cd6c9495035a0f74519ba349357e3eb [email protected] is an empty stub package index.js exports whose sole purpose is to deliver an off-registry payload at install time. Its package.js...
Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks
The U.S. Department of Justice DoJ on Thursday announced the sentencing of two cybersecurity professionals to four years each in prison for their role in facilitating BlackCat ransomware attacks in 2023. Ryan Goldberg , 40, of Georgia, and Kevin Martin , 36, of Texas, were accused of deploying th...
CVE-2026-27068
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ryan Howard Website LLMs.txt website-llms-txt allows Reflected XSS.This issue affects Website LLMs.txt: from n/a through = 8.2.6...
Ryan Liles, master of technical diplomacy
Cisco Talos is back with another inside look at the people who keep the internet safe. This time, Amy chats with Ryan Liles, who bridges the gap between Cisco's product teams and the third-party testing labs that put Cisco products through their paces. Ryan pulls back the curtain on the delicate...
FileRise 安全漏洞
FileRise is a lightweight, self-hosted web-based file manager developed by Ryan as an individual developer. Versions of FileRise prior to 3.3.0 contained security vulnerabilities, which were caused by HTML injection, potentially allowing modifications to the DOM or redirecting users...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Optimizer component. An attacker can cause the application to hang or crash repeatedly by sending crafted requests over multiple protocols with high privileges. Remediation...
WordPress Link Whisper Free plugin <= 0.8.8 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Ryan Novotny in WordPress Plugin Link Whisper Free versions = 0.8.8...
WordPress eMagicOne Store Manager for WooCommerce plugin <= 1.2.5 - Unauthenticated Arbitrary File Upload via set_image() vulnerability
Unauthenticated Arbitrary File Upload via setimage vulnerability discovered by Ryan Kozak in WordPress Plugin eMagicOne Store Manager versions = 1.2.5...
WordPress Bread & Butter plugin <= 7.11.1374 - Cross-Site Request Forgery to Arbitrary File Upload vulnerability
Cross-Site Request Forgery to Arbitrary File Upload vulnerability discovered by Ryan Kozak in WordPress Plugin Bread & Butter versions = 7.11.1374...
WordPress g-FFL Cockpit plugin <= 1.7.1 - Missing Authorization to Unauthenticated Information Exposure vulnerability
Missing Authorization to Unauthenticated Information Exposure vulnerability discovered by Ryan Kozak in WordPress Plugin g-FFL Cockpit versions = 1.7.1...
WordPress AI Feeds plugin <= 1.0.11 - Unauthenticated Arbitrary File Upload vulnerability
Unauthenticated Arbitrary File Upload vulnerability discovered by Ryan Kozak in WordPress Plugin AI Feeds versions = 1.0.11...
WordPress S2B AI Assistant – ChatBot, ChatGPT, OpenAI, Content & Image Generator plugin <= 1.7.8 - Authenticated (Editor+) Arbitrary File Upload vulnerability
Authenticated Editor+ Arbitrary File Upload vulnerability discovered by Ryan Kozak in WordPress Plugin S2B AI Assistant versions = 1.7.8...
U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks
Federal prosecutors in the U.S. have accused a trio of allegedly hacking the networks of five U.S. companies with BlackCat aka ALPHV ransomware between May and November 2023 and extorting them. Ryan Clifford Goldberg, Kevin Tyler Martin, and an unnamed co–conspirator aka "Co-Conspirator 1" based ...
WordPress Easy Invoice plugin <= 2.0.9 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Ryan Novotny in WordPress Plugin Easy Invoice versions = 2.0.9...
EUVD-2007-1903
Malware in sbrugna...
EUVD-2025-31276
Malicious code in bioql PyPI...
EUVD-2025-3326
Malicious code in bioql PyPI...
EUVD-2025-17143
Malicious code in bioql PyPI...
EUVD-2024-52873
Malicious code in bioql PyPI...