206 matches found
EUVD-2018-6872
Malware in sbrugna...
EUVD-2017-8341
Malware in sbrugna...
EUVD-2016-5606
Malware in sbrugna...
EUVD-2018-6868
Malware in sbrugna...
EUVD-2012-2311
Malware in sbrugna...
EUVD-2025-30892
Malicious code in bioql PyPI...
EUVD-2025-24981
Malicious code in bioql PyPI...
CVE-2025-10184
The vulnerability allows any application installed on the device to read SMS/MMS data and metadata from the system-provided Telephony provider without permission, user interaction, or consent. The user is also not notified that SMS data is being accessed. This could lead to sensitive information...
Exploiting API4 — 8 Real-World Unrestricted Resource Consumption Attack Scenarios (and How to Stop Them)
Unrestricted Resource ConsumptionAPI4:2023 is the only threat category in the OWASP API Security Top 10 explicitly dedicated to Denial of Service DoS and resource abuse. But despite being just one category, attackers can exploit it in many different ways; from large file uploads and expensive...
Police Bust Crypto Scammers, Nab Smishing SMS Blaster Operator
Thai police arrest SMS Blaster operator in smishing scam and bust crypto laundering gang moving $30M monthly through…...
WordPress SMS Alert Order Notifications plugin <= 3.8.5 - SQL Injection vulnerability
SQL Injection vulnerability discovered by ChuongVN in WordPress Plugin SMS Alert Order Notifications versions = 3.8.5...
New warning issued over toll fee scams
Over a year ago the FBI warned about what was then a new form of smishing phishing via SMS scam: text messages that demanded payment for toll fees. The FTC sent out a similar warning in January, 2025. Then, in April another wave of toll fee scams began doing the rounds. Now the Departments of Mot...
CVE-2023-30321
Cross Site Scripting XSS vulnerability in textMessage field in /src/chatbotapp/LoginServlet.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code...
CVE-2021-20071
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the sms.php dialogs...
CVE-2018-14991
The Coolpad Defiant device with a build fingerprint of Coolpad/cp3632a/cp3632a:7.1.1/NMF26F/099480857:user/release-keys, the ZTE ZMAX Pro with a build fingerprint of ZTE/P895T20/urd:6.0.1/MMB29M/20170418.114928:user/release-keys, and the T-Mobile Revvl Plus with a build fingerprint of...
CVE-2019-15346
The Tecno Camon iClick 2 Android device with a build fingerprint of TECNO/H622/TECNO-ID6:8.1.0/O11019/F-180824V116:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...
Smishing Triad: The Scam Group Stealing the World’s Riches
Millions of scam text messages are sent every month. The Chinese cybercriminals behind many of them are expanding their operations—and quickly innovating...
PT-2025-14091 · WordPress · Sms Alert Order Notifications
Name of the Vulnerable Software and Affected Versions: SMS Alert Order Notifications – WooCommerce plugin for WordPress versions up to, and including, 3.7.9 Description: The issue allows for privilege escalation via account takeover. This is due to the plugin using the Host header to determine if...
ZTE MF296R 安全漏洞
The ZTE MF296R is a wireless router from ZTE Corporation ZTE of China. A security vulnerability exists in the ZTE MF296R that stems from insufficient validation of the length of SMS parameters, which could be exploited by an authenticated attacker to perform a denial of service attack...
How to avoid election related scams
With the US election campaigns at full throttle, scammers have taken a renewed interest in the ways this can be used to defraud people, often using the same tactics legitimate campaigns leverage for support emails, text messages, phone calls, and social media pleas. The lure that we have seen the...