398 matches found
EUVD-2021-0125
Malware in sbrugna...
EUVD-2020-26198
Malware in sbrugna...
EUVD-2018-17816
Malware in sbrugna...
EUVD-2025-27197
Malicious code in bioql PyPI...
EUVD-2025-24208
Malicious code in bioql PyPI...
EUVD-2025-24212
Malicious code in bioql PyPI...
EUVD-2025-24846
Malicious code in bioql PyPI...
DarkCloud Infostealer Relaunched to Grab Credentials, Crypto and Contacts
eSentire TRU analyses the new DarkCloud V4.2 infostealer, rewritten in VB6. Find out how the malware steals browser data, crypto, and contacts via targeted phishing...
XCSSET evolves again: Analyzing the latest updates to XCSSET’s inventory
Microsoft Threat Intelligence has identified yet another XCSSET variant in the wild that introduces further updates and new modules beyond those detailed in our March 2025 blog post. The XCSSET malware is designed to infect Xcode projects, typically used by software developers, and run while an...
SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers
Cybersecurity researchers have discovered two new malicious packages in the Python Package Index PyPI repository that are designed to deliver a remote access trojan called SilentSync on Windows systems. "SilentSync is capable of remote command execution, file exfiltration, and screen capturing,"...
New Raven Stealer Malware Hits Browsers for Passwords and Payment Data
New research reveals Raven Stealer malware that targets browsers like Chrome and Edge to steal personal data. Learn how this threat uses simple tricks like process hollowing to evade antiviruses and why it's a growing risk for everyday users...
CVE-2025-7746
CVE-2025-7746 is a Cross-site Scripting (CWE-79) vulnerability in Schneider Electric ATV series (e.g., ATV340E, ATV6000/ATV6x, ATS490 Soft Starter, and related Altivar Drive/Module products). The root cause is improper neutralization of input during web page generation, allowing unvalidated data ...
CVE-2025-42920
Due to a Cross-Site Scripting XSS vulnerability in the SAP Supplier Relationship Management, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated victim clicks on the link, the injected input is processed during the page generation,...
CVE-2025-42920
Due to a Cross-Site Scripting XSS vulnerability in the SAP Supplier Relationship Management, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated victim clicks on the link, the injected input is processed during the page generation,...
CVE-2025-42938 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Platform
Due to a Cross-Site Scripting XSS vulnerability in the SAP NetWeaver ABAP Platform, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated user clicks on this link, the injected input is processed during the website�s page generation,...
CVE-2025-20330
A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the...
CVE-2025-42948
Due to a Cross-Site Scripting XSS vulnerability in SAP NetWeaver ABAP Platform, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated user clicks on this link, the injected input is processed during the website�s page generation, resultin...
CVE-2025-42948
Due to a Cross-Site Scripting XSS vulnerability in SAP NetWeaver ABAP Platform, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated user clicks on this link, the injected input is processed during the website�s page generation, resultin...
CVE-2025-42942
SAP NetWeaver Application Server for ABAP has cross-site scripting vulnerability. Due to this, an unauthenticated attacker could craft a URL embedded with malicious script and trick an unauthenticated victim to click on it to execute the script. Upon successful exploitation, the attacker could...
CVE-2025-42975 Multiple vulnerabilities in SAP NetWeaver Application Server ABAP (BIC Document)
SAP NetWeaver Application Server ABAP BIC Document allows an unauthenticated attacker to craft a URL link which, when accessed on the BIC Document application, embeds a malicious script. When a victim clicks on this link, the script executes in the victim's browser, allowing the attacker to acces...