35 matches found
Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks
Cybersecurity researchers are warning of two cybercrime groups that are carrying out "rapid, high-impact attacks" operating almost within the confines of SaaS environments, while leaving minimal traces of their actions. The clusters, Cordial Spider aka BlackFile, CL-CRI-1116, O-UNC-045, and UNC66...
EUVD-2026-25391
Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service SaaS. Redirect parameter on login page is vulnerable to reflected XSS. The patch in commit 16d1b6ca2559f858a1de77bcb03fd7f1b81671c6 fixes the issue by restricting...
Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms
Google-owned Mandiant on Friday said it identified an "expansion in threat activity" that uses tradecraft consistent with extortion-themed attacks orchestrated by a financially motivated hacking group known as ShinyHunters. The attacks leverage advanced voice phishing aka vishing and bogus...
EUVD-2021-16413
Malware in sbrugna...
EUVD-2023-38328
Malicious code in bioql PyPI...
CVE-2023-34240
Cloudexplorer-lite is an open source cloud software stack. Weak passwords can be easily guessed and are an easy target for brute force attacks. This can lead to an authentication system failure and compromise system security. Versions of cloudexplorer-lite prior to 1.2.0 did not enforce strong...
Malicious code in tcloud-python-sdks (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 601415ac1e4afe43331c4b78d99e406f34b4a970a365a366cdc0598c5cb22f9c This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...
MAL-2025-191901 Malicious code in time-check-server-get (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 25b39f6b89687636c8f9e90e3c326bcfb64ecbfa2594850247d4d2e9646b9257 This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...
Citrix Workspace app for Windows Security Bulletin CVE-2024-6286
Description of Problem A vulnerability has been discovered that impacts the Citrix Workspace app for Windows. Refer to below for further details: Affected Versions The vulnerability affects the following supported versions of the Citrix Workspace app for Windows Current Release CR Citrix Workspac...
Citrix Provisioning Security Bulletin CVE-2024-6150
Description of Problem A vulnerability has been discovered that impacts Citrix Provisioning. Refer to below for further details: Affected Versions The vulnerability affects the following supported versions of Citrix Provisioning Current Release CR Citrix Provisioning versions before 2402 Long Ter...
Cloud Software Group Security Advisory for CVE-2024-6387
Advisory for 3rd party CVE-2024-6387 Cloud Software Group is aware of the vulnerability CVE-2024-6387 impacting OpenSSH. Qualys has discovered a remote unauthenticated code execution vulnerability in OpenSSH’s server sshd in glibc-based Linux systems. Because this vulnerability is a regression of...
Impact of HTTP/2 CONTINUATION frames being utilized for DoS attacks on Cloud Software Group Products
Cloud Software Group is aware of the reports describing HTTP/2 CONTINUATION frames being utilized for DoS attacks. HTTP/2 CONTINUATION frames can be utilized for DoS attacks HTTP/2 CONTINUATION Flood Cloud Software Group continues to investigate any potential impact on Cloud Software Group-manage...
Impact of Chromium vulnerabilities CVE-2023-4863 and CVE-2023-5217 on Cloud Software Group products
Cloud Software Group will continue to update this post as additional information becomes available. Summary Google Chromium Heap-Based Buffer Overflow Vulnerability Cloud Software Group is aware of the vulnerabilities CVE-2023-4863 and CVE-2023-5217 that impact Chromium. CVE-2023-4863 description...
Improper access control
Nextcloud is an Open Source private cloud software. Versions 24.0.4 and above, prior to 24.0.7, and 25.0.0 and above, prior to 25.0.1, contain Improper Access Control. Secure view for internal shares can be circumvented if reshare permissions are also given. This issue is patched in versions 24.0...
Fedora: Security Advisory for cloudcompare (FEDORA-2022-9cbdf39a5a)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Yimioa SQL注入漏洞
Yimioa is the collaborative office software of Cloud.com Software. Based on enterprise-class workflow engine, in-depth research and development for 15 years, served more than 1000 customers, based on springboot framework. With mature OA office functions, comes with a low-code development platform...
How to Combat the Biggest Security Risks Posed by Machine Identities
The rise of DevOps culture in enterprises has accelerated product delivery timelines. Automation undoubtedly has its advantages. However, containerization and the rise of cloud software development are exposing organizations to a sprawling new attack surface. Machine identities vastly outnumber...
CVE-2022-22359
IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 220652...
PT-2022-15390 · Ibm · Ibm Sterling Partner Engagement Manager
Name of the Vulnerable Software and Affected Versions: IBM Sterling Partner Engagement Manager versions 6.1.2, 6.2, and Cloud/SasS 22.2 Description: The issue allows a remote authenticated attacker to conduct an LDAP injection by using a specially crafted request. This could result in granting...
CVE-2022-22359
IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 220652...