FakeSG enters the 'FakeUpdates' arena to deliver NetSupport RAT

Over 5 years ago, we began tracking a new campaign that we called FakeUpdates also known as SocGholish that used compromised websites to trick users into running a fake browser update. Instead, victims would end up infecting their computers with the NetSupport RAT, allowing threat actors to gain...

DotCMS SQL Injection Vulnerability (CNVD-2016-11002)

DotCMS is a content management system CMS from the American company DotCMS. The system supports RSS feeds , blogs , forums and other modules , and is easy to extend and build features . A SQL injection vulnerability exists in the Site BrowserTemplates pages screen in versions of DotCMS prior to...