Fake BlueWallet steals passwords, accounts, and crypto from Macs

A fake website impersonating BlueWallet a real Bitcoin wallet is targeting Mac users with a simple but effective attack. BlueWallet itself has not been compromised. Instead, cybercriminals have stolen the name and branding of the legitimate Bitcoin wallet to make a malicious download appear...

EUVD-2026-16234

Mattermost versions 11.2.x = 11.2.2, 10.11.x = 10.11.10, 11.4.x = 11.4.0, 11.3.x = 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences...

GHSA-3439-VQGJ-2GCF Mattermost allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences

Mattermost versions 11.2.x = 11.2.2, 10.11.x = 10.11.10, 11.4.x = 11.4.0, 11.3.x = 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences...

CVE-2026-3108 Terminal Escape Injection in mmctl Report Posts Command

Mattermost versions 11.2.x = 11.2.2, 10.11.x = 10.11.10, 11.4.x = 11.4.0, 11.3.x = 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences...

CVE-2026-3108 Terminal Escape Injection in mmctl Report Posts Command

Mattermost versions 11.2.x = 11.2.2, 10.11.x = 10.11.10, 11.4.x = 11.4.0, 11.3.x = 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences...

New Chaos-C++ Ransomware Targets Windows by Wiping Data, Stealing Crypto

FortiGuard Labs reveals Chaos-C++, a new Chaos ransomware variant that deletes files over 1.3 GB instead of encrypting them and uses clipboard hijacking to steal cryptocurrency...

EUVD-2021-33065

Malicious code in bioql PyPI...

XCSSET evolves again: Analyzing the latest updates to XCSSET’s inventory

Microsoft Threat Intelligence has identified yet another XCSSET variant in the wild that introduces further updates and new modules beyond those detailed in our March 2025 blog post. The XCSSET malware is designed to infect Xcode projects, typically used by software developers, and run while an...

XCSSET evolves again: Analyzing the latest updates to XCSSET’s inventory

Microsoft Threat Intelligence has identified yet another XCSSET variant in the wild that introduces further updates and new modules beyond those detailed in our March 2025 blog post. The XCSSET malware is designed to infect Xcode projects, typically used by software developers, and run while an...

New Linux Bug Could Lead to User Password Leaks and Clipboard Hijacking

Details have emerged about a vulnerability impacting the "wall" command of the util-linux package that could be potentially exploited by a bad actor to leak a user's password or alter the clipboard on certain Linux distributions. The bug, tracked as CVE-2024-28085, has been codenamed WallEscape b...

Lookalike Telegram and WhatsApp Websites Distributing Cryptocurrency Stealing Malware

Copycat websites for instant messaging apps like Telegram and WhatApp are being used to distribute trojanized versions and infect Android and Windows users with cryptocurrency clipper malware. "All of them are after victims' cryptocurrency funds, with several targeting cryptocurrency wallets," ES...

Malicious code in beautifulsooup (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 20295d15744840724442dda39ce2b027e50b10c1d88c6096693b327ae31b9a9e Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in requests-toolbetl (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 88f13d19ebda7c72070169dad1b4c5f9d9be45a3b5ab374e9a10af50b049c950 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in beautifulsoup44 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx e870f879046d64821bfc645ee9e014d478af57d12ac5ce5c82f9e1d9e995733a Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

MAL-2023-1819 Malicious code in ebautifulsoup4 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx aa52f4c2410a9205f2ec0b2f2e76cc51c0176488ca4e5a0d2074a9250a62b2d4 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

NETGEAR WAC120 Cross-Site Scripting Vulnerability

Netgear NETGEAR WAC120 is a wireless access point AP from Netgear, Inc. A cross-site scripting vulnerability exists in the Netgear WAC120 AC Access Point, which stems from unauthenticated cross-site scripting XSS could lead to a variety of attacks, such as session hijacking or even clipboard...

CVE-2021-46382

Unauthenticated cross-site scripting XSS in Netgear WAC120 AC Access Point may lead to mulitple attacks like session hijacking even clipboard hijacking...

CVE-2021-46382

Unauthenticated cross-site scripting XSS in Netgear WAC120 AC Access Point may lead to mulitple attacks like session hijacking even clipboard hijacking...

Cross site scripting

Unauthenticated cross-site scripting XSS in Netgear WAC120 AC Access Point may lead to mulitple attacks like session hijacking even clipboard hijacking...

CVE-2021-46382

Unauthenticated cross-site scripting XSS in Netgear WAC120 AC Access Point may lead to mulitple attacks like session hijacking even clipboard hijacking...