Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS

Cybersecurity researchers have flagged a large-scale operation that impersonates open-source and freeware projects to funnel unsuspecting users through a Traffic Distribution System TDS and deliver malware families like Remus Stealer, AnimateClipper, and the SessionGate framework. "The sites are...

CVE-2026-26101 Incorrect Permission Assignment for Critical Resource in Owl opds

Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request...

CrashFix Chrome Extension Delivers ModeloRAT Using ClickFix-Style Browser Crash Lures

Cybersecurity researchers have disclosed details of an ongoing campaign dubbed KongTuke that used a malicious Google Chrome extension masquerading as an ad blocker to deliberately crash the web browser and trick victims into running arbitrary commands using ClickFix-like lures to deliver a...

CVE-2025-67014

Incorrect access control in DEV Systemtechnik GmbH DEV 7113 RF over Fiber Distribution System 32-0078 H.01 allows unauthenticated attackers to access an administrative endpoint...

CVE-2025-67014

Incorrect access control in DEV Systemtechnik GmbH DEV 7113 RF over Fiber Distribution System 32-0078 H.01 allows unauthenticated attackers to access an administrative endpoint...

CVE-2025-67013

The web management interface in ETL Systems Ltd DEXTRA Series ' Digital L-Band Distribution System v1.8 does not implement Cross-Site Request Forgery CSRF protection mechanisms no tokens, no Origin/Referer validation on critical configuration endpoints...

PT-2025-53596

Name of the Vulnerable Software and Affected Versions DEV Systemtechnik GmbH DEV 7113 RF over Fiber Distribution System 32-0078 H.01 Description An issue exists in DEV Systemtechnik GmbH DEV 7113 RF over Fiber Distribution System 32-0078 H.01 related to access control. An unauthenticated attacker...

DEV 7113 RF over Fiber Distribution System 安全漏洞

The DEV 7113 RF over Fiber Distribution System is a chassis from DEV Germany that is used in telecommunications infrastructure. A security vulnerability exists in the DEV 7113 RF over Fiber Distribution System version 32-0078 H.01, which stems from improper access control and could lead to an...

Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

Cybersecurity researchers are calling attention to a nefarious campaign targeting WordPress sites to make malicious JavaScript injections that are designed to redirect users to sketchy sites. "Site visitors get injected content that was drive-by malware like fake Cloudflare verification," Sucuri...

Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer

A threat actor named Detour Dog has been outed as powering campaigns distributing an information stealer known as Strela Stealer. That's according to findings from Infoblox, which found the threat actor to maintain control of domains hosting the first stage of the stealer, a backdoor called...

Microsoft Teams used to deliver DarkGate Loader malware

Researchers have found a new method by which cybercriminals are spreading the DarkGate Loader malware. Until now, DarkGate was typically distributed via phishing emails. The malspam campaign used stolen email threads to lure victims into clicking a hyperlink, which downloaded the malware. But...

The vulnerabilities of the microprogramming software for Honeywell Experion PKS programmable logic controllers, the measurement and computing controllers Experion LX, and the distribution control system Experion PlantCruise allow a intruder to execute arbitrary code.

The vulnerability of microprogrammed software in Honeywell Experion PKS programmable logic controllers, Experion LX measurement and control controllers, and Experion PlantCruise distribution systems is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker...

The vulnerabilities of the microprogramming software for Honeywell Experion PKS programmable logic controllers, the measurement and computing controllers Experion LX, and the distribution control system Experion PlantCruise allow a intruder to execute arbitrary code.

The vulnerability of microprogrammed software in Honeywell Experion PKS programmable logic controllers, Experion LX measurement and control controllers, and Experion PlantCruise distribution systems is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker...

PEAR Archive_Tar Improper Link Resolution Vulnerability

PEAR ArchiveTar Tar.php allows write operations with directory traversal due to inadequate checking of symbolic links. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party...

SQL Injection Vulnerability in Gas Call Distribution System of Shenzhen Puyan Computer Software Technology Co.

Shenzhen Puyan Computer Software Technology Co., Ltd. gas call distribution system is a comprehensive service system based on CTI computer and telephone integration technology. There is a SQL injection vulnerability in the Gas Call Distribution System of Shenzhen Puyuan Computer Software Technolo...

Shenzhen Puyan Computer Software Technology Co., Ltd. gas call distribution system has a logic flaw vulnerability

Shenzhen Puyan Computer Software Technology Co., Ltd. gas call distribution system is a comprehensive service system based on CTI computer and telephone integration technology. There is a logic flaw vulnerability in the Gas Call Distribution System of Shenzhen Puyuan Computer Software Technology...

[SECURITY] Fedora 33 Update: php-pear-1.10.12-5.fc33

PEAR is a framework and distribution system for reusable PHP components. This package contains the basic PEAR components...

[SECURITY] Fedora 32 Update: php-pear-1.10.12-5.fc32

PEAR is a framework and distribution system for reusable PHP components. This package contains the basic PEAR components...

Fedora: Security Advisory for php-pear (FEDORA-2020-5271a896ff)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 32 Update: php-pear-1.10.12-4.fc32

PEAR is a framework and distribution system for reusable PHP components. This package contains the basic PEAR components...