CVE-2014-4334

Stack-based buffer overflow in Ubisoft Rayman Legends before 1.3.140380 allows remote attackers to execute arbitrary code via a long string in the "second connection" to TCP port 1001...

PT-2025-53630

@Forbiddentwo2 It seems the post was deleted. I couldn't find any confirmed reports of Ubisoft's source code being leaked via MongoBleed, which is a newly disclosed MongoDB vulnerability CVE-2024-14847. The author may have removed it if the claim was unverified...

EUVD-2018-7690

Malware in sbrugna...

EUVD-2014-5340

Malware in sbrugna...

EUVD-2019-5882

Malware in sbrugna...

Ubisoft Entertainment多款产品 安全漏洞

Ubisoft Entertainment Heroes of Might and Magic III Complete, among others, is a turn-based strategy magic game by French company Ubisoft Entertainment. A security vulnerability exists in various Ubisoft Entertainment products, which originates from a buffer overflow that could lead to the...

CVE-2014-5453

Ubisoft Uplay PC before 4.6.1.3217 use weak permissions Everyone: Full Control for the program installation directory %PROGRAMFILES%\Ubisoft Game Launcher, which allows local users to gain privileges via a Trojan horse file...

Ubisoft Hackers Scrambled for 900GB of Data Before Foiled

By Deeba Ahmed The cyberattack on Ubisoft came just days after hackers from the Rhysida ransomware gang targeted Insomniac Games, the developers of Spider-Man 2. This is a post from HackRead.com Read the original post: Ubisoft Hackers Scrambled for 900GB of Data Before Foiled...

British LAPSUS$ Teen Members Sentenced for High-Profile Attacks

Two British teens part of the LAPSUS$ cyber crime and extortion gang have been sentenced for their roles in orchestrating a string of high-profile attacks against a number of companies. Arion Kurtaj, an 18-year-old from Oxford, has been sentenced to an indefinite hospital order due to his intent ...

services.nano.ubisoft.com Cross Site Scripting vulnerability OBB-3646294

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

services-dev.nano.ubisoft.com Cross Site Scripting vulnerability OBB-3646293

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ubisoft.com Cross Site Scripting vulnerability OBB-3261078

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ubisoft.com Cross Site Scripting vulnerability OBB-3108764

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Brazilian Police Arrest Suspected Member of Lapsus$ Hacking Group

The Federal Police of Brazil on Wednesday announced it had arrested an individual for purported links to the notorious LAPSUS$ extortionist gang. The arrest was made as part of a new law enforcement effort, dubbed Operation Dark Cloud, that was launched in August 2022, the agency noted. Not much ...

Gaming Company Ubisoft Confirms It was Hacked, Resets Staff Passwords

French video game company Ubisoft on Friday confirmed it was a victim of a "cyber security incident," causing temporary disruptions to its games, systems, and services. The Montreuil-headquartered firm said that an investigation into the breach was underway and that it has initiated a company-wid...

Cyber Security Incident Pushes Ubisoft to Issue Internal Password Reset

By Deeba Ahmed It is unclear what type of "Cyber Security Incident" Ubisoft suffered but on Telegram LAPSUS$ hacking group responded… This is a post from HackRead.com Read the original post: Cyber Security Incident Pushes Ubisoft to Issue Internal Password Reset...

Leading Game Publishers Hit Hard by Leaked-Credential Epidemic

Leading gaming companies, such as Ubisoft, have become big targets for cybercriminals that aim to turn a profit by selling leaked insider-credentials tied to the top game publishers. Over 500,000 stolen credentials tied to the top 25 gaming firms were found on caches of breached data online and u...

Kmart, Latest Victim of Egregor Ransomware – Report

Retail stalwart Kmart has suffered a ransomware attack at the hands of the Egregor gang, according to a report. The incident has encrypted devices and servers connected to the company’s networks, knocking out back-end services, according to BleepingComputer. The outlet obtained the purported rans...

Game Titles Watch Dogs: Legion, Albion Both Targeted by Hackers

A ransomware gang that just emerged this month dubbed Egregor claims to have hacked the source code to the upcoming gaming release, Watch Dogs: Legion. And in separate gaming news, a popular fantasy title called Albion — a massive multiplayer online role-playing game MMORPG — has been hacked...

support.ubisoft.com Cross Site Scripting vulnerability

Security Researcher 4NCURZE Helped patch 1373 vulnerabilities Received 7 Coordinated Disclosure badges Received 12 recommendations , a holder of 7 badges for responsible and coordinated disclosure, found a security vulnerability affecting support.ubisoft.com website and its users. Following...