397 matches found
Mac users warned about new DigitStealer information stealer
A new infostealer called DigitStealer is going after Mac users. It avoids detection, skips older devices, and steals files, passwords, and browser data. We break down what it does and how to protect your Mac. Researchers have described a new malware called DigitStealer that steals sensitive...
CVE-2025-13083 Drupal core - Moderately critical - Information disclosure - SA-CORE-2025-008
Use of Web Browser Cache Containing Sensitive Information vulnerability in Drupal Drupal core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Drupal core: from 8.0.0 before 10.4.9, from 10.5.0 before 10.5.6, from 11.0.0 before 11.1.9, from 11.2.0 before...
CVE-2025-20353
A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user input. An...
CVE-2025-20353 Cisco Catalyst Center Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user input. An...
MAL-2025-191941 Malicious code in zakuraweb (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 aa544044c8a113eb904f97650e8132de793d3bab5a7328a3714495e3f6a2283e Importing the module starts exfiltrating Discord tokens --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in zakuraweb (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 aa544044c8a113eb904f97650e8132de793d3bab5a7328a3714495e3f6a2283e Importing the module starts exfiltrating Discord tokens --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2025-191795 Malicious code in morosint (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2118ab70535d0272c108e5a454745ae83d10cd3421d5989984ab961b348367b5 Importing the module starts exfiltrating Discord tokens --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in morosint (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2118ab70535d0272c108e5a454745ae83d10cd3421d5989984ab961b348367b5 Importing the module starts exfiltrating Discord tokens --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
SAP Business Connector 跨站脚本漏洞
SAP Business Connector is a middleware from SAP, Germany. A cross-site scripting vulnerability exists in SAP Business Connector due to improper validation of user-supplied input in the PRTG Web Monitor web interface. An attacker could exploit the vulnerability to access or modify information with...
SUSE CVE-2016-11081
An issue was discovered in Mattermost Server before 2.2.0. It allows unintended access to information stored by a web browser...
CVE-2025-20289
Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...
Nation-State Hackers Deploy New Airstalk Malware in Suspected Supply Chain Attack
A suspected nation-state threat actor has been linked to the distribution of a new malware called Airstalk as part of a likely supply chain attack. Palo Alto Networks Unit 42 said it's tracking the cluster under the moniker CL-STA-1009 , where "CL" stands for cluster and "STA" refers to...
GO-2025-4062 Mattermost Server exposes information stored by a web browser in github.com/mattermost/mattermost-server
Mattermost Server exposes information stored by a web browser in github.com/mattermost/mattermost-server...
Malicious Package
Overview typescriptjs is a malicious package. This is a "typosquatting" package, which means the package name is based on existing repositories, namespaces, or components, it aims to trick users to download the package which contains a malicious code. Payload behavior The malicious payload runs...
stealer
Stealer C stealer Chrome, Opera ,Chromium ,Edg...
New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs
Cybersecurity researchers have shed light on a new campaign that has likely targeted the Russian automobile and e-commerce sectors with a previously undocumented .NET malware dubbed CAPI Backdoor. According to Seqrite Labs, the attack chain involves distributing phishing emails containing a ZIP...
EUVD-2016-0272
Malware in sbrugna...
EUVD-2017-2939
Malware in sbrugna...
EUVD-2019-13973
Malware in sbrugna...
EUVD-2021-0125
Malware in sbrugna...