Unraveling Water Saci's New Multi-Format, AI-Enhanced Attacks Propagated via WhatsApp

Through AI-driven code conversion and a layered infection chain involving different file formats and scripting languages, the threat actors behind Water Saci are quickly upgrading their malware delivery and propagation methods across WhatsApp in Brazil...

EUVD-2024-0254

Malicious code in bioql PyPI...

Google Android elevation of privilege vulnerability (CNVD-2024-07129)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a lack of bounds checking in the code conversion QToFloat in the btifavrcpaudiotrack.cc script, which can be exploited by an attacker to gain elevat...

OESA-2023-1176 future security update

This package intends to provides a compatibility layer for Python between its two version release. The future and past packages are both provides for backports and forwards, in which you are able to use a single, clean codebase to run under Python3 environmets easily. With also providing futurize...

mercurial: arbitrary code execution

Mercurial prior to 3.8 allowed arbitrary code execution when using the convert extension on Git repos with hostile names. This could affect automated code conversion services that allow arbitrary repository names. This is a further side-effect of Git CVE-2015-7545. Reported and fixed by Blake...

DLA-459-1 mercurial - security update

Bulletin has no description...

DSA-3570-1 mercurial - security update

Bulletin has no description...

Courier < 0.45 Japanese Codeset Conversion Overflows

Binary data 1206.prm...

Imailpwdump.cpp

/ IpSwitch IMail Server IpSwitch IMail Server uses weak encryption algorithm to encrypt its user passwords. It uses polyalphabetic Vegenere cipher to encrypt its user passwords. This encryption scheme is relatively easy to break. In order to decrypt user password we need a key. IMail uses usernam...