CVE-2025-34041 Sangfor Endpoint Detection and Response OS Command Injection

An OS command injection vulnerability exists in the Chinese versions of Sangfor Endpoint Detection and Response EDR management platform versions 3.2.16, 3.2.17, and 3.2.19. The vulnerability allows unauthenticated attackers to construct and send malicious HTTP requests to the EDR Manager interfac...

PT-2025-26672

Name of the Vulnerable Software and Affected Versions: Sangfor Endpoint Detection and Response EDR management platform versions 3.2.16, 3.2.17, and 3.2.19 Description: The issue is an OS command injection vulnerability that allows unauthenticated attackers to send malicious HTTP requests to the E...

USB: a Comprehensive and Unified Safety Evaluation Benchmark for Multimodal Large Language Models

Despite their remarkable achievements and widespread adoption, Multimodal Large Language Models MLLMs have revealed significant security vulnerabilities, highlighting the urgent need for robust safety evaluation benchmarks. Existing MLLM safety benchmarks, however, fall short in terms of data...

openSUSE 15 Security Update : cacti, cacti-spine (openSUSE-SU-2024:0274-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0274-1 advisory. - cacti 1.2.27: CVE-2024-34340: Authentication Bypass when using using older password hashes boo1224240 CVE-2024-25641: RCE vulnerability when...

Sophisticated Phishing Campaign Targeting Chinese Users with ValleyRAT and Gh0st RAT

Chinese-language speakers have been increasingly targeted as part of multiple email phishing campaigns that aim to distribute various malware families such as Sainbox RAT, Purple Fox, and a new trojan called ValleyRAT. "Campaigns include Chinese-language lures and malware typically associated wit...

Encryption Flaws in Popular Chinese Language App Put Users' Typed Data at Risk

A widely used Chinese language input app for Windows and Android has been found vulnerable to serious security flaws that could allow a malicious interloper to decipher the text typed by users. The findings from the University of Toronto's Citizen Lab, which carried out an analysis of the...

Undocumented driver-based browser hijacker RedDriver targets Chinese speakers and internet cafes

Cisco Talos has identified multiple versions of an undocumented malicious driver named "RedDriver," a driver-based browser hijacker that uses the Windows Filtering Platform WFP to intercept browser traffic. RedDriver has been active since at least 2021. RedDriver utilizes HookSignTool to forge it...

Old certificate, new signature: Open-source tools forge signature timestamps on Windows drivers

Cisco Talos has observed threat actors taking advantage of a Windows policy loophole that allows the signing and loading of cross-signed kernel mode drivers with signature timestamp prior to July 29, 2015. Actors are leveraging multiple open-source tools that alter the signing date of kernel mode...

CVE-2022-46154

Kodexplorer is a chinese language web based file manager and browser based code editor. Versions prior to 4.50 did not prevent unauthenticated users from requesting arbitrary files from the host OS file system. As a result any files available to the host process may be accessed by arbitrary users...

Input validation

Kodexplorer is a chinese language web based file manager and browser based code editor. Versions prior to 4.50 did not prevent unauthenticated users from requesting arbitrary files from the host OS file system. As a result any files available to the host process may be accessed by arbitrary users...

Hackers Backdoored Systems at China's National Games Just Before Competition

Systems hosting content pertaining to the National Games of China were successfully breached last year by an unnamed Chinese-language-speaking hacking group. Cybersecurity firm Avast, which dissected the intrusion, said that the attackers gained access to a web server 12 days prior to the start o...

New Mac malware masquerades as iTerm2, Remote Desktop and other apps

Last week, security researcher Patrick Wardle released details of a new piece of malware masquerading as the legitimate app iTerm2. The malware was discovered earlier the same day by security researcher Zhi @CodeColorist on Twitter, and detailed on a Chinese-language blog. For those who dont spea...

vuls

The repository is a collection of exploits, proof-of-concepts, and other resources for various vulnerabilities. The primary language used in the repository is Chinese, but some code snippets and comments are in English. The repository appears to be a collection of tools and scripts for exploiting...

50k Servers Infected with Cryptomining Malware in Nansh0u Campaign

Up to 50,000 servers were infected over the past four months as part of a high-profile cryptojacking campaign, believed to orchestrated by Chinese-language adversaries. Researchers with Guardicore Labs, who disclosed the campaign Wednesday, said that the Nansh0u​ campaign named due to a text file...

Fedora 24 : php-pear-CAS (2017-d9d620366e)

Changes in version 1.3.5 - Security Fixes : - Fix possible authentication bypass in validateCAS20 228 Gregory Boddin - Bug Fixes : - Fix file permissions non-executable 177 Remi Collet - Fixed translations Greek and Japanese 192 ikari7789 - Fix errors under phpdbg 204 MasonM - Fix logout...

Learn Chinese - HelloChinese - Exported components, SQLite database found, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application Learn Chinese - HelloChinese published at the 'play' market has multiple vulnerabilities...

Learn Chinese - ChineseSkill - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application Learn Chinese - ChineseSkill published at the 'play' market has multiple vulnerabilities...

Musical Chairs Campaign Found Deploying New Gh0st RAT Variant

Researchers have peeled back the layers on a new campaign that spans multiple years and involves a new variant of the ubiquitous Gh0st remote access tool RAT. The campaign, now believed to in its sixth year, is dubbed Musical Chairs, according to new research from Palo Alto Networks published...

Report: Phishing Domain Registrations Way Down

Online criminals registered far fewer Web domains for use in phishing attacks in the first half of 2011, in what may signal a decrease in phishing scams, according to a global phishing survey released this month by the Anti-Phishing Working Group APWG. In all, the group observed phishing attacks...

Unisys/DHS Hack

A congressional investigation was launched after hackers compromised a number of Homeland Security computers and transferred sensitive data to several Chinese language Web sites. The investigation deemed that Unisys, a government contractor that had been hired to secure the department’s systems,...