What’s new in Microsoft Security: May 2026

At Microsoft, security innovations are purpose-built to help every organization protect end-to-end with the speed and scale of AI. Our vision is simple: security should be ambient and autonomous, just like the AI it protects. As organizations accelerate AI adoption, security teams are navigating...

Malicious code in selfservsweeper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81843a6f21fe31627b1e97fdb8ffe41789c1f921c60512347bbf2b0c2fb30121 Package self-describes as a 'Touch-friendly Minesweeper overlay for NCR SelfServ kiosks', but the advertised CLI entrypoints selfservsweeper,...

MAL-2026-4221 Malicious code in selfservsweeper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81843a6f21fe31627b1e97fdb8ffe41789c1f921c60512347bbf2b0c2fb30121 Package self-describes as a 'Touch-friendly Minesweeper overlay for NCR SelfServ kiosks', but the advertised CLI entrypoints selfservsweeper,...

PT-2026-38438

NPM package node-ts-ocr 1.0.15 is vulnerable to OS Command Injection via the invokeImageOcr function in src/index.js...

CVE-2026-35455

Immich (self-hosted photo/video management) has a Stored XSS in the 360° panorama viewer prior to version 2.7.0. An authenticated user can upload an equirectangular image containing crafted text; OCR extracts it and the panorama viewer renders it via innerHTML without sanitization. This allows ar...

EUVD-2026-15461

node-tesseract-ocr is an npm package that provides a Node.js wrapper for Tesseract OCR. In all versions through 2.2.1, the recognize function in src/index.js is vulnerable to OS Command Injection. The file path parameter is concatenated into a shell command string and passed to childprocess.exec...

The Silent Spill: Measuring Sensitive Data Leaks across Public URL Repositories

A large number of URLs are made public by various platforms for security analysis, archiving, and paste sharing -- such as VirusTotal, URLScan.io, Hybrid Analysis, the Wayback Machine, and RedHunt. These services may unintentionally expose links containing sensitive information, as reported in so...

CVE-2021-47729

Selea Targa IP OCR-ANPR Camera contains a stored cross-site scripting vulnerability in the 'fileslist' parameter that allows attackers to inject malicious HTML and script code. Attackers can send a POST request to /cgi-bin/getfile.php with crafted payload to execute arbitrary scripts in victim's...

TopoReformer: Mitigating Adversarial Attacks Using Topological Purification in OCR Models

Adversarially perturbed images of text can cause sophisticated OCR systems to produce misleading or incorrect transcriptions from seemingly invisible changes to humans. Some of these perturbations even survive physical capture, posing security risks to high-stakes applications such as document...

VulnCheck KEV: CVE-2025-34021

A server-side request forgery SSRF vulnerability exists in multiple Selea Targa IP OCR-ANPR camera models, including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750, and Targa 704 ILB. The application fails to validate user-supplied input in JSON...

Dnn.Platform 安全漏洞

Dnn.Platform is an open source web content management platform CMS open sourced by Dnn Software. A security vulnerability exists in Dnn.Platform, which stems from a low complexity CAPTCHA generation algorithm that is easily recognized by OCR tools...

Screenshot-Reading Malware

Kaspersky is reporting on a new type of smartphone malware. The malware in question uses optical character recognition OCR to review a device's photo library, seeking screenshots of recovery phrases for crypto wallets. Based on their assessment, infected Google Play apps have been downloaded more...

SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images

A new malware campaign dubbed SparkCat has leveraged a suit of bogus apps on both Apple's and Google's respective app stores to steal victims' mnemonic phrases associated with cryptocurrency wallets. The attacks leverage an optical character recognition OCR model to exfiltrate select images...

DEBIAN-CVE-2024-29511

Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, has a directory traversal issue that allows arbitrary file reading and writing of error messages to arbitrary files via OCRLanguage. For example, exploitation can use debugfile /tmp/out and userpatternsfile /etc/passwd...

UBUNTU-CVE-2024-29511

Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, has a directory traversal issue that allows arbitrary file reading and writing of error messages to arbitrary files via OCRLanguage. For example, exploitation can use debugfile /tmp/out and userpatternsfile /etc/passwd...

Artifex Ghostscript 安全漏洞

Artifex Software Ghostscript is an open source parser for Postscript a page description language and programming language used in the electronics industry and desktop publishing from Artifex Software, Inc. The product can display Postscript files as well as print Postscript files on non-PostScrip...

CAPTCHA-Breaking Services with Human Solvers Helping Cybercriminals Defeat Security

Cybersecurity researchers are warning about CAPTCHA-breaking services that are being offered for sale to bypass systems designed to distinguish legitimate users from bot traffic. "Because cybercriminals are keen on breaking CAPTCHAs accurately, several services that are primarily geared toward th...

Lookalike Telegram and WhatsApp Websites Distributing Cryptocurrency Stealing Malware

Copycat websites for instant messaging apps like Telegram and WhatApp are being used to distribute trojanized versions and infect Android and Windows users with cryptocurrency clipper malware. "All of them are after victims' cryptocurrency funds, with several targeting cryptocurrency wallets," ES...

Octopii - An AI-powered Personal Identifiable Information (PII) Scanner

Octopii is an open-source AI-powered Personal Identifiable Information PII scanner that can look for image assets such as Government IDs, passports, photos and signatures in a directory. Working Octopii uses Tesseract's Optical Character Recognition OCR and Keras' Convolutional Neural Networks CN...

Ocr-Recon - Tool To Find A Particular String In A List Of URLs Using Tesseract'S OCR (Optical Character Recognition) Capabilities

This tool is useful to find a particular string in a list of URLs using tesseract's OCR Optical Character Recognition capabilities. Usage Usage: python3 ocr-recon.py listwithURLs stringtosearch Download Ocr-Recon...