3913 matches found

CVE
added 2025/12/16 6:18 p.m., 25 views

CVE-2025-68154

The CVE-2025-68154 issue affects the systeminformation library for Node.js, where fsSize() on Windows unsafely concatenates the drive parameter into a PowerShell command, enabling OS command injection. The vulnerability is documented as high severity (CVSS 8.1) with potential for arbitrary comman...

CVSS 8.1, AI score 7.1, EPSS 0.12863
Exploits 1, References 2, Affected Software 1

Vulnrichment
added 2025/12/16 6:18 p.m., 1 view

CVE-2025-68154 Command Injection in fsSize() on Windows

systeminformation is a System and OS information library for node.js. In versions prior to 5.27.14, the fsSize function in systeminformation is vulnerable to OS command injection on Windows systems. The optional drive parameter is directly concatenated into a PowerShell command without...

CVSS 8.1, AI score 7.1, EPSS 0.12863
Exploits 1, References 2

Debian CVE
added 2025/12/16 6:18 p.m., 6 views

CVE-2025-68154

systeminformation is a System and OS information library for node.js. In versions prior to 5.27.14, the fsSize function in systeminformation is vulnerable to OS command injection on Windows systems. The optional drive parameter is directly concatenated into a PowerShell command without...

CVSS 8.1, AI score 6, EPSS 0.12863
Exploits 1

Cvelist
added 2025/12/16 6:18 p.m., 74 views

CVE-2025-68154 Command Injection in fsSize() on Windows

systeminformation is a System and OS information library for node.js. In versions prior to 5.27.14, the fsSize function in systeminformation is vulnerable to OS command injection on Windows systems. The optional drive parameter is directly concatenated into a PowerShell command without...

CVSS 8.1, EPSS 0.12863
Exploits 1, References 2

OSV
added 2025/12/16 6:18 p.m., 6 views

CVE-2025-68154 Command Injection in fsSize() on Windows

systeminformation is a System and OS information library for node.js. In versions prior to 5.27.14, the fsSize function in systeminformation is vulnerable to OS command injection on Windows systems. The optional drive parameter is directly concatenated into a PowerShell command without...

CVSS 8.1, AI score 7.5, EPSS 0.12863
Exploits 1, References 4

Positive Technologies
added 2025/12/16 12:0 a.m., 2 views

PT-2025-51775

systeminformation and Affected Versions: systeminformation versions prior to 5.27.14. Description: The fsSize function within the systeminformation Node.js library is susceptible to OS command injection on Windows systems. The optional drive parameter is directly incorporated into a PowerShell comma...

CVSS 8.1, AI score 6.4, EPSS 0.12863
Exploits 1, References 16

The Hacker News
added 2025/12/15 9:24 a.m., 10 views

Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector

Cybersecurity researchers have disclosed details of an active phishing campaign that's targeting a wide range of sectors in Russia with phishing emails that deliver Phantom Stealer via malicious ISO optical disc images. The activity, codenamed Operation MoneyMount-ISO by Seqrite Labs, has primari...

AI score 7.1
Exploits 0

Snyk
added 2025/12/15 7:37 a.m., 0 views

Malicious Package

Overview: @wb-drive/icons is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVSS 9.8, AI score 6.8
Exploits 0, References 2

Malwarebytes
added 2025/12/11 1:40 p.m., 7 views

Malwarebytes for Mac now has smarter, deeper scans

Say hello to the upgraded Malwarebytes for Mac —now with more robust protection, more control, and the same trusted defense you count on every day. We’ve given our Mac scan engine a serious intelligence boost, so it thinks faster and digs deeper. The new enhanced scan searches across more of your...

AI score 6.8
Exploits 0

The Hacker News
added 2025/12/11 1:16 p.m., 22 views

NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems

Cybersecurity researchers have disclosed details of a new fully-featured Windows backdoor called NANOREMOTE that uses the Google Drive API for command-and-control (C2) purposes. According to a report from Elastic Security Labs, the malware shares code similarities with another implant codenamed...

AI score 7.1
Exploits 0

Zero Day Initiative
added 2025/12/11 12:0 a.m., 4 views

(0Day) PDFsam Enhanced Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows physically-present attackers to escalate privileges on affected installations of PDFsam Enhanced. An attacker must first obtain the ability to mount a malicious drive onto the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVSS 6.6, AI score 7.6, EPSS 0.00278
Exploits 0

EUVD
added 2025/12/09 6:30 p.m., 3 views

EUVD-2025-201913

Clone for Windows provided by ELECOM CO.,LTD. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

CVSS 8.4, AI score 7.2, EPSS 0.0013
Exploits 0, References 3

NVD
added 2025/12/09 4:18 p.m., 4 views

CVE-2025-66271

Clone for Windows provided by ELECOM CO.,LTD. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

CVSS 8.4, EPSS 0.0013
Exploits 0, References 2

CVE
added 2025/12/09 8:29 a.m., 8 views

CVE-2025-66271

CVE-2025-66271 affects ELECOM Clone for Windows, where the software registers a Windows service with an unquoted file path (unquoted service path). The root cause is an unquoted path in the service configuration, enabling a local attacker with write access to the system drive root to execute arbi...

CVSS 8.4, AI score 7.4, EPSS 0.0013
Exploits 0, References 2

Cvelist
added 2025/12/09 8:29 a.m., 19 views

CVE-2025-66271

Clone for Windows provided by ELECOM CO.,LTD. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

CVSS 8.4, EPSS 0.0013
Exploits 0, References 2

Microsoft KB
added 2025/12/09 8:0 a.m., 14 views

Description of the security update for SharePoint Server 2016: December 9, 2025 (KB5002821)

Description of the security update for SharePoint Server 2016: December 9, 2025 (KB5002821). Summary. Important: If you're currently running SharePoint Workflow Manager, you must install the SharePoint Workflow Manager KB5002799 to your farm before you install this cumulative update. If you're...

CVSS 7.8, AI score 7.1, EPSS 0.0075
Exploits 0

CNNVD
added 2025/12/09 12:0 a.m., 2 views

Security vulnerability in multiple Siemens products

Siemens SIDOOR ATD430W and others are automatic door drive systems from Siemens, Germany. A security vulnerability exists in various Siemens products, which stems from insufficient TCP serial number validation and could lead to a denial-of-service attack. The following products are affected:...

CVSS 8.7, AI score 8.9, EPSS 0.00417
Exploits 0, References 2

Positive Technologies
added 2025/12/09 12:0 a.m., 4 views

PT-2025-49825

Clone for Windows provided by ELECOM CO.,LTD. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

CVSS 8.4, AI score 7.7, EPSS 0.0013
Exploits 0, References 2

The Hacker News
added 2025/12/05 5:53 p.m., 12 views

Zero-Click Agentic Browser Attack Can Delete Entire Google Drive Using Crafted Emails

A new agentic browser attack targeting Perplexity's Comet browser that's capable of turning a seemingly innocuous email into a destructive action that wipes a user's entire Google Drive contents, findings from Straiker STAR Labs show. The zero-click Google Drive Wiper technique hinges on connecti...

AI score 7
Exploits 0

RedhatCVE
added 2025/12/05 3:27 p.m., 3 views

CVE-2025-54159

Missing authorization vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows remote attackers to delete arbitrary files via unspecified vectors...

CVSS 7.5, AI score 7.1, EPSS 0.00374
Exploits 0, References 1