China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan

A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent. According to Seqrite Labs, targets of the campaign include government, research, academic, technology, and financial...

Blazing-Black-Dragon

No d...

SysAK 安全漏洞

SysAK is a system operation toolset open source by China Dragon Lizard anolis. Versions of SysAK prior to v2.0 contained security vulnerabilities; these vulnerabilities stemmed from command execution, potentially allowing attackers to execute arbitrary commands...

China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns

Threat actors affiliated with China have been attributed to a fresh set of cyber espionage campaigns targeting government and law enforcement agencies across Southeast Asia throughout 2025. Check Point Research is tracking the previously undocumented activity cluster under the moniker...

CVE-2021-27965

The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 has a buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x80102050, or 0x80102054 IOCTL request...

Exploit for Server-Side Request Forgery in Svelte Sveltekit

BlueDragon Web Security An advanced web vulnerability scann...

China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware

The threat actor known as Jewelbug has been increasingly focusing on government targets in Europe since July 2025, even as it continues to attack entities located in Southeast Asia and South America. Check Point Research is tracking the cluster under the name Ink Dragon. It's also referenced by t...

CVE-2025-63401

Cross Site Scripting vulnerability in HCL Technologies Limited HCLTech DRAGON before v.7.6.0 allows a remote attacker to execute arbitrary code via missing directives...

EUVD-2025-201093

Cross Site Scripting vulnerability in HCL Technologies Limited HCLTech DRAGON before v.7.6.0 allows a remote attacker to execute arbitrary code via missing directives...

CVE-2025-63401

Cross Site Scripting vulnerability in HCL Technologies Limited HCLTech DRAGON before v.7.6.0 allows a remote attacker to execute arbitrary code via missing directives...

CVE-2025-63401

Cross Site Scripting vulnerability in HCL Technologies Limited HCLTech DRAGON before v.7.6.0 allows a remote attacker to execute arbitrary code via missing directives...

CVE-2025-63401

Cross Site Scripting vulnerability in HCL Technologies Limited HCLTech DRAGON before v.7.6.0 allows a remote attacker to execute arbitrary code via missing directives...

HCLTech DRAGON 安全漏洞

HCLTech DRAGON is a data retention / archiving / mass data storage and retrieval solution from HCL Corporation, USA. A security vulnerability exists in HCLTech DRAGON versions prior to 7.6.0, which stems from a missing instruction and could lead to the remote execution of arbitrary code...

CVE-2025-63401

CVE-2025-63401 is a Cross Site Scripting vulnerability affecting HCLTech DRAGON prior to 7.6.0. The root cause is described as a missing directives issue, enabling a remote attacker to execute arbitrary code. Connected documents (Red Hat, ENISA, NVD, CVE list, CNNVD, etc.) consistently reference ...

PT-2025-48976

Cross Site Scripting vulnerability in HCL Technologies Limited HCLTech DRAGON before v.7.6.0 allows a remote attacker to execute arbitrary code via missing directives...

CVE-2025-63401

Cross Site Scripting vulnerability in HCL Technologies Limited HCLTech DRAGON before v.7.6.0 allows a remote attacker to execute arbitrary code via missing directives...

HCLTech DRAGON 安全漏洞

HCLTech DRAGON is a data retention / archiving / mass data storage and retrieval solution from HCL Corporation, USA. A security vulnerability exists in HCLTech DRAGON versions prior to 7.6.0 that stems from the API not enforcing a request number or size limit, which could lead to remote execution...

Dragon Breath Uses RONINGLOADER to Disable Security Tools and Deploy Gh0st RAT

The threat actor known as Dragon Breath has been observed making use of a multi-stage loader codenamed RONINGLOADER to deliver a modified variant of a remote access trojan called Gh0st RAT. The campaign, which is primarily aimed at Chinese-speaking users, employs trojanized NSIS installers...

EUVD-2025-120009

Malicious code in swiftdragongreen-32 npm...

MAL-2025-148411 Malicious code in swift_dragon_green-32 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b51fb18bf8430096563d6f2aa932669cb667a1d81503b210fa97f967a97e3f3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...