Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

In this article 1. From search to stolen credentials: Storm-2561 attack chain 2. Defending against credential theft campaigns 3. Microsoft Defender detection and hunting guidance 4. Indicators of compromise In mid-January 2026, Microsoft Defender Experts identified a credential theft campaign tha...

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

In this article 1. From search to stolen credentials: Storm-2561 attack chain 2. Defending against credential theft campaigns 3. Microsoft Defender detection and hunting guidance 4. Indicators of compromise In mid-January 2026, Microsoft Defender Experts identified a credential theft campaign tha...

EUVD-2025-36537

Hotta Studio GameDriverX64.sys 7.23.4.7, a signed kernel-mode anti-cheat driver, allows local attackers to cause a denial of service by crashing arbitrary processes via sending crafted IOCTL requests...

EUVD-2024-43372

Malicious code in bioql PyPI...

UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats

A China-nexus threat actor known as UNC6384 has been attributed to a set of attacks targeting diplomats in Southeast Asia and other entities across the globe to advance Beijing's strategic interests. "This multi-stage attack chain leverages advanced social engineering including valid code signing...

CVE-2024-49309

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in omarfolghe Digitally digitally allows Reflected XSS.This issue affects Digitally: from n/a through = 1.0.8...

[SECURITY] Fedora 40 Update: libdigidocpp-4.0.0-1.fc40

Libdigidocpp library offers creating, signing and verification of digitally signed documents, according to XAdES and XML-DSIG standards. Documentation http://open-eid.github.io/libdigidocpp...

CVE-2024-49309

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in omarfolghe Digitally digitally allows Reflected XSS.This issue affects Digitally: from n/a through = 1.0.8...

CVE-2024-49309 WordPress Digitally theme <= 1.0.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in omarfolghe Digitally digitally allows Reflected XSS.This issue affects Digitally: from n/a through = 1.0.8...

CVE-2024-49309

CVE-2024-49309 is a reflected XSS in the WordPress Digitally theme (

CVE-2024-49309 WordPress Digitally theme <= 1.0.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Digitally allows Reflected XSS.This issue affects Digitally: from n/a through 1.0.8...

PT-2024-33448 · Digitally · Digitally

Name of the Vulnerable Software and Affected Versions: Digitally versions 1.0.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS. Recommendations: For versions 1.0.8...

WordPress plugin Digitally 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

WordPress Digitally theme <= 1.0.8 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by justakazh Patchstack Alliance in WordPress Theme Digitally versions = 1.0.8...

WordPress Digitally Theme <= 1.0.8 is vulnerable to Cross Site Scripting (XSS)

Software Digitally Type Theme Vulnerable versions = 1.0.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49309 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 216a2ab68c1d Credits justakazh Required privilege...

RHEL 8 : libreoffice (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libreoffice: Incorrect trust validation of signature with ambiguous KeyInfo children CVE-2021-25636 -...

Oracle Linux 8 : thunderbird (ELSA-2024-0003)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0003 advisory. 115.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 115.6.0-1 - Update to 115.6.0 build2 Tenable has...

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Thunderbird vulnerabilities (USN-6563-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6563-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a...

RHEL 9 : thunderbird (RHSA-2024:0001)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0001 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.6.0. Security Fixes: Mozilla:...

Email Spoofing

Thunderbird is vulnerable to Email Spoofing. The vulnerability is caused because when processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user as the text was interpreted as a MIME message and the first paragraph was always...