PT-2026-1563

Name of the Vulnerable Software and Affected Versions MoneySpace plugin for WordPress versions prior to 2.13.9 Description The MoneySpace plugin for WordPress exhibits a sensitive information exposure issue. The plugin stores complete payment card details – including Primary Account Number PAN,...

EUVD-2002-0932

Malware in sbrugna...

EUVD-2023-42603

Malicious code in bioql PyPI...

BidenCash Market Dumps 1 Million Stolen Credit Cards on Russian Forum

BidenCash dumps almost a million stolen credit card records on Russian forum, exposing card numbers, CVVs, and expiry dates in plain text with no cardholder names...

Microsoft’s AI Recall Tool Is Still Sucking Up Credit Card and Social Security Numbers

Plus: The US indicts North Koreans in fake IT worker scheme, file-sharing firm Cleo warns customers to patch a vulnerability amid live attacks, and more...

CVE-2023-35671

In onHostEmulationData of HostEmulationManager.java, there is a possible way for a general purpose NFC reader to read the full card number and expiry details when the device is in locked screen mode due to a logic error in the code. This could lead to local information disclosure with no addition...

CVE-2023-38830

An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients' credit card numbers from the Reservations module...

CVE-2023-38830

An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients' credit card numbers from the Reservations module...

CVE-2023-38830

An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients' credit card numbers from the Reservations module...

Information disclosure

An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients' credit card numbers from the Reservations module...

CVE-2023-38830

The CVE describes an information leak in PHPJabbers Yacht Listing Script v1.0 that allows exporting clients’ credit card numbers from the Reservations module. The affected software is PHPJabbers Yacht Listing Script (version 1.0). The vulnerability is described as an information disclosure flaw (...

CVE-2023-38830

An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients' credit card numbers from the Reservations module...

CVE-2023-38830

An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients' credit card numbers from the Reservations module...

CVE-2023-0443

The AnyWhere Elementor WordPress plugin before 1.2.8 discloses a Freemius Secret Key which could be used by an attacker to purchase the pro subscription using test credit card numbers without actually paying the amount. Such key has been revoked...

Police Dismantle SIM Swapping Gang in Spain

By Habiba Rashid Spanish Police confirmed that the SIM Swapping gang also used dark web forums to illegally obtain ID and credit card numbers through cryptocurrency purchases. This is a post from HackRead.com Read the original post: Police Dismantle SIM Swapping Gang in Spain...

167,000 stolen credit card numbers Exposed via PoS Malware

By Waqas The campaign was discovered in April 2022, but researchers believe the campaign occurred between February 2021 and September 8, 2022. This is a post from HackRead.com Read the original post: 167,000 stolen credit card numbers Exposed via PoS Malware...

PT-2022-18478 · Hcl · Hcl Notes

Name of the Vulnerable Software and Affected Versions: HCL iNotes affected versions not specified Description: The issue allows an attacker to trick a user into supplying sensitive information, such as username, password, or credit card numbers, by exploiting a link to a non-existent domain...

Spying on the spies. See what JavaScript commands get injected by in-app browsers

Developer and privacy expert Felix Krause aka KrauseFx announced this week that he had introduced a simple tool to list the JavaScript commands executed by iOS apps when they deployed an in-app web browser to render webpages. He already shared some eye-opening results on his Twitter feed. By...

CVE-2022-30740

Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical attackers to guess stored credit card numbers...

Input validation

Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical attackers to guess stored credit card numbers...