121 matches found
SEO Poisoning Attack Hits Windows Users With Hiddengh0st and Winos Malware
New SEO poisoning campaign exposed! FortiGuard Labs reveals how attackers trick users with fake websites to deliver Hiddengh0st…...
CVE-2025-54072
yt-dlp is a feature-rich command-line audio/video downloader. In versions 2025.06.25 and below, when the --exec option is used on Windows with the default placeholder or , insufficient sanitization is applied to the expanded filepath, allowing for remote code execution. This is a bypass of the...
CVE-2025-27210
An incomplete fix has been identified for CVE-2025-23084 in Node.js, specifically affecting Windows device names like CON, PRN, and AUX. This vulnerability affects Windows users of path.join API...
CVE-2025-6513
Standard Windows users can access the configuration file for database access of the BRAIN2 application and decrypt it...
CVE-2025-6513
Standard Windows users can access the configuration file for database access of the BRAIN2 application and decrypt it...
CVE-2025-6513
CVE-2025-6513 affects BRAIN2: a vulnerability where standard Windows users can access and decrypt the database-access configuration file. Technical details across connected sources indicate the issue stems from insufficient protection of the configuration file storing database credentials, enabli...
CVE-2025-48064
GitHub Desktop is an open-source, Electron-based GitHub app designed for git development. Prior to version 3.4.20-beta3, an attacker convincing a user to view a file in a commit of their making in the history view can cause information disclosure by means of Git attempting to access a network...
CVE-2024-42474
Streamlit is a data oriented application development framework for python. Snowflake Streamlit open source addressed a security vulnerability via the static file sharing feature. Users of hosted Streamlit apps on Windows were vulnerable to a path traversal vulnerability when the static file shari...
CVE-2022-47631
Razer Synapse through 3.7.1209.121307 allows privilege escalation due to an unsafe installation path and improper privilege management. Attackers can place DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed and if they deny write access for the SYSTEM...
CVE-2025-48064
GitHub Desktop is an open-source, Electron-based GitHub app designed for git development. Prior to version 3.4.20-beta3, an attacker convincing a user to view a file in a commit of their making in the history view can cause information disclosure by means of Git attempting to access a network...
CVE-2025-48064 GitHub Desktop vulnerable to maliciously crafted file renames leading to information disclosure
GitHub Desktop is an open-source, Electron-based GitHub app designed for git development. Prior to version 3.4.20-beta3, an attacker convincing a user to view a file in a commit of their making in the history view can cause information disclosure by means of Git attempting to access a network...
CVE-2025-48064 GitHub Desktop vulnerable to maliciously crafted file renames leading to information disclosure
GitHub Desktop is an open-source, Electron-based GitHub app designed for git development. Prior to version 3.4.20-beta3, an attacker convincing a user to view a file in a commit of their making in the history view can cause information disclosure by means of Git attempting to access a network...
CVE-2025-48064
GitHub Desktop on Windows prior to 3.4.20-beta3 is vulnerable: when viewing a file diff in the history view, Git calls git log/diff with the commit SHA and file names, and realpath traversal may cause Git to access a UNC network path, potentially leaking environment data via NTLM authentication (...
Horabot Malware Targets 6 Latin American Nations Using Invoice-Themed Phishing Emails
Cybersecurity researchers have discovered a new phishing campaign that's being used to distribute malware called Horabot targeting Windows users in Latin American countries like Mexico, Guatemala, Colombia, Peru, Chile, and Argentina. The campaign is "using crafted emails that impersonate invoice...
Neptune RAT Variant Spreads via YouTube to Steal Windows Passwords
A new Neptune RAT variant is being shared via YouTube and Telegram, targeting Windows users to steal passwords and deliver additional malware components...
APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware
An advanced persistent threat APT group with ties to Pakistan has been attributed to the creation of a fake website masquerading as India's public sector postal system as part of a campaign designed to infect both Windows and Android users in the country. Cybersecurity company CYFIRMA has...
CVE-2025-0118 GlobalProtect App: Execution of Unsafe ActiveX Control Vulnerability
A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context of an authenticated Windows user. This enables the attacker to run commands as if they are a legitimate authenticated user. However, to exploit this...
New Snake Keylogger Variant Leverages AutoIt Scripting to Evade Detection
A new variant of the Snake Keylogger malware is being used to actively target Windows users located in China, Turkey, Indonesia, Taiwan, and Spain. Fortinet FortiGuard Labs said the new version of the malware has been behind over 280 million blocked infection attempts worldwide since the start of...
Snake Keylogger Variant Hits Windows, Steals Data via Telegram Bots
The New Snake Keylogger variant targets Windows users via phishing emails, using AutoIt for stealth. Learn how it…...
Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions
Brazilian Windows users are the target of a campaign that delivers a banking malware known as Coyote. "Once deployed, the Coyote Banking Trojan can carry out various malicious activities, including keylogging, capturing screenshots, and displaying phishing overlays to steal sensitive credentials,...