WordPress Thebe theme <= 1.3.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Thebe versions = 1.3.0...

China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware

Cybersecurity researchers have discovered a new campaign attributed to a China-linked threat actor known as UAT-8099 that took place between late 2025 and early 2026. The activity, discovered by Cisco Talos, has targeted vulnerable Internet Information Services IIS servers located across Asia, bu...

WordPress Myour theme <= 1.5.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Myour versions = 1.5.1...

Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks

The botnet known as Kimwolf has infected more than 2 million Android devices by tunneling through residential proxy networks, according to findings from Synthient. "Key actors involved in the Kimwolf botnet are observed monetizing the botnet through app installs, selling residential proxy...

GoldFactory Hits Southeast Asia with Modified Banking Apps Driving 11,000+ Infections

Cybercriminals associated with a financially motivated group known as GoldFactory have been observed staging a fresh round of attacks targeting mobile users in Indonesia, Thailand, and Vietnam by impersonating government services. The activity, observed since October 2024, involves distributing...

ShinyHunters Leak Data from Qantas, Vietnam Airlines and Other Major Firms

ShinyHunters and its affiliate hackers have leaked data from 6 firms, including Qantas and Vietnam Airlines, after claiming to breach 39 companies via a Salesforce vulnerability...

New Rust-Based Malware "ChaosBot" Uses Discord Channels to Control Victims' PCs

Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that can allow operators to conduct reconnaissance and execute arbitrary commands on compromised hosts. "Threat actors leveraged compromised credentials that mapped to both Cisco VPN and an over-privileg...

EUVD-2023-57642

Malicious code in bioql PyPI...

EUVD-2024-22248

Malicious code in bioql PyPI...

UAT-8099: Chinese-speaking cybercrime group targets high-value IIS for SEO fraud

Cisco Talos is disclosing details on UAT-8099, a Chinese-speaking cybercrime group mainly involved in search engine optimization SEO fraud and theft of high-value credentials, configuration files, and certificate data. Cisco's file census and DNS analysis show affected Internet Information Servic...

BadIIS Malware Spreads via SEO Poisoning — Redirects Traffic, Plants Web Shells

Cybersecurity researchers are calling attention to a search engine optimization SEO poisoning campaign likely undertaken by a Chinese-speaking threat actor using a malware called BadIIS in attacks targeting East and Southeast Asia, particularly with a focus on Vietnam. The activity, dubbed...

GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module

Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam. The attacks, per Slovak cybersecurity company ESET, led to the deployment...

Endress+Hauser MEAC300-FNADE4 安全漏洞

The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4, which can be exploited by attackers to conduct clickjacking attacks...

Endress+Hauser MEAC300-FNADE4 安全漏洞

The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4, which can be exploited by attackers to cause a brute force attack...

Endress+Hauser MEAC300-FNADE4 安全漏洞

The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that stems from a missing Secure attribute, which can be exploited by an attacker to cause session hijacking...

Endress+Hauser MEAC300-FNADE4 安全漏洞

The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that stems from an insufficient authentication attempt limit and can be exploited by an attacker to cause a...

WordPress Samex - Clean, Minimal Shop WooCommerce WordPress Theme <= 2.6 - Local File Inclusion Vulnerability

WordPress Samex - Clean, Minimal Shop WooCommerce WordPress Theme = 2.6 - Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Samex - Clean, Minimal Shop WooCommerce WordPress Theme versions = 2.6...

Fake AI Video Tool Ads on Facebook, LinkedIn Spread Infostealers

Mandiant Threat Defense uncovers a campaign where Vietnam-based group UNC6032 tricks users with malicious social media ads for…...

CVE-2024-24885

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lê Văn Toản Woocommerce Vietnam Checkout allows Stored XSS.This issue affects Woocommerce Vietnam Checkout: from n/a through 2.0.7...

Mirai Variant Murdoc Botnet Exploits AVTECH IP Cameras and Huawei Routers

Cybersecurity researchers have warned of a new large-scale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant dubbed Murdoc Botnet. The ongoing activity "demonstrates enhanced capabilities, exploiting vulnerabilities...