78 matches found
April 14, 2026-KB5082419 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 10 Version 21H2 and Windows 10 Version 22H2
None None...
April 14, 2026-KB5082425 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows Server 2022
None None...
April 14, 2026-KB5082413 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10, version 1809 and Windows Server 2019
None None...
February 10, 2026-KB5074837 Cumulative Update for .NET Framework 4.8.1 for Windows 11, version 26H1
None None...
SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats
A European embassy located in the Indian capital of New Delhi, as well as multiple organizations in Sri Lanka, Pakistan, and Bangladesh, have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder in September 2025. The activity "reveals a notable evolution in...
SideWinder's Shifting Sands: Click Once for Espionage
SideWinder's Shifting Sands: Click Once for Espionage By Ernesto Fernández Provecho and Pham Duy Phuc · October 22, 2025 In September 2025, the Trellix Advanced Research Center ARC detected a campaign targeting a European embassy located in New Delhi, India. Further investigation led to the...
EUVD-2024-26504
Malicious code in bioql PyPI...
OneClik: A ClickOnce-Based APT Campaign Targeting Energy, Oil and Gas Infrastructure
OneClik: A ClickOnce-Based Red Team Campaign Simulating APT Tactics in Energy Infrastructure By Nico Paulo Yturriaga and Pham Duy Phuc · Updated : June 30, 2025 The Trellix Advanced Research Center previously uncovered what appeared to be a sophisticated APT malware campaign, which we dubbed...
OneClik Red Team Campaign Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors
Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft's ClickOnce software deployment technology and bespoke Golang backdoors to compromise organizations within the energy, oil, and gas sectors. "The campaign exhibits characteristics aligned with...
OneClik: A ClickOnce-Based APT Campaign Targeting Energy, Oil and Gas Infrastructure
OneClik: A ClickOnce-Based APT Campaign Targeting Energy, Oil and Gas Infrastructure By Nico Paulo Yturriaga and Pham Duy Phuc · June 24, 2025 The Trellix Advanced Research Center has uncovered a sophisticated APT malware campaign that we’ve dubbed OneClik. It specifically targets the energy, oil...
CVE-2024-29500
An issue in the kiosk mode of Secure Lockdown Multi Application Edition v2.00.219 allows attackers to execute arbitrary code via running a ClickOnce application instance...
CVE-2024-29500
An issue in the kiosk mode of Secure Lockdown Multi Application Edition v2.00.219 allows attackers to execute arbitrary code via running a ClickOnce application instance...
CVE-2024-29500
An issue in the kiosk mode of Secure Lockdown Multi Application Edition v2.00.219 allows attackers to execute arbitrary code via running a ClickOnce application instance...
CVE-2024-29500
CVE-2024-29500 concerns the Secure Lockdown Multi Application Edition (Inteset) v2.00.219, where the kiosk mode permits an attacker to execute arbitrary code by running a ClickOnce application instance. The initial description and connected sources consistently state this is tied to the kiosk mod...
CVE-2024-29500
An issue in the kiosk mode of Secure Lockdown Multi Application Edition v2.00.219 allows attackers to execute arbitrary code via running a ClickOnce application instance...
CVE-2024-29500
An issue in the kiosk mode of Secure Lockdown Multi Application Edition v2.00.219 allows attackers to execute arbitrary code via running a ClickOnce application instance...
Inteset Systems Secure Lockdown 安全漏洞
Inteset Systems Secure Lockdown is a Windows lockdown utility from Inteset Systems, Inc. Allows access to only desired applications from a highly customizable menu. A security vulnerability exists in Inteset Systems Secure Lockdown version v2.00.219, which stems from a vulnerability that allows a...
PT-2024-22927 · Unknown · Secure Lockdown Multi Application Edition
Name of the Vulnerable Software and Affected Versions: Secure Lockdown Multi Application Edition version 2.00.219 Description: An issue in the kiosk mode of Secure Lockdown Multi Application Edition allows attackers to execute arbitrary code via running a ClickOnce application instance...
September 12, 2023—KB5030211 (OS Builds 19044.3448 and 19045.3448) - EXPIRED
None None...
Security Updates for Microsoft .NET Framework (August 2023)
The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities, as follows: - A remote code execution vulnerability in applications running on IIS using their parent application's Application Pool which can lead to...