EvilSelenium - A Tool That Weaponizes Selenium To Attack Chromium Based Browsers

EvilSelenium is a new project that weaponizes Selenium to abuse Chromium-based browsers. The current features right now are: Steal stored credentials via autofill Steal cookies Take screenshots of websites Dump Gmail/O365 emails Dump WhatsApp messages Download & exfiltrate files Add SSH keys to...

Metamorfo Returns with Keylogger Trick to Target Financial Firms

Researchers have discovered a recent spate of phishing emails spreading a new variant of Metamorfo, a financial malware known for targeting Brazilian companies. Now, however, it’s expanding its geographic range and adding a new technique. Metamorfo was first discovered in April 2018, in various...

Novell iPrint Client For Windows IPP Response Stack Buffer Overflow (CVE-2013-1091)

A stack buffer overflow vulnerability exists in Novell iPrint Client. The vulnerability is due to insufficient validation of IPP responses that can lead to a stack buffer overflow. Successful exploitation can allow an attacker to execute arbitrary code on a target system in the security context o...

Apple QuickTime for Java toQTPointer Function Memory Corruption (CVE-2007-2175)

Apple QuickTime is a multi-platform, industry-standard, multimedia software architecture. It is used by software developers, hardware manufacturers, and content creators to author and publish multiple media documents. Java is an object-oriented language that includes a set of libraries that...

nProtect Netizen has multiple vulnerabilities

Overview nProtect Netizen contains multiple vulnerabilities. - It may fetch update files from an arbitrary site - It may download and save malicious files - It may cause an abnormal web browser termination Impact A remote attacker could lead a user to save a malicious file to the local storage an...