Cloud Atlas activity in the first half of 2025: what changed

Known since 2014, the Cloud Atlas group targets countries in Eastern Europe and Central Asia. Infections occur via phishing emails containing a malicious document that exploits an old vulnerability in the Microsoft Office Equation Editor process CVE-2018-0802 to download and execute malicious cod...

EUVD-2020-17975

Malware in sbrugna...

CVE-2021-32856

Microweber is a drag and drop website builder and content management system. Versions 1.2.12 and prior are vulnerable to copy-paste cross-site scripting XSS. For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. A fix was attempted i...

CVE-2025-47916

Invision Community 5.0.0 before 5.0.7 allows remote code execution via crafted template strings to themeeditor.php. The issue lies within the themeeditor controller file: /applications/core/modules/front/system/themeeditor.php, where a protected method named customCss can be invoked by...

pgAdmin Query Tool authenticated RCE (CVE-2025-2945)

This module exploits a vulnerability in pgAdmin where an authenticated user can establish a connection to the query tool and send a specific payload in the querycommited POST parameter. This payload is directly executed via a Python eval statement, resulting in remote code execution in versions...

GHSA-R287-HC8J-W56H TYPO3 Information Disclosure Vulnerability Exploitable by Editors

It has been discovered, that editors with access to the file list module could list all files names and folder names in the root directory of a TYPO3 installation. Modification of files, listing further nested directories or retrieving file contents was not possible. A valid backend user account ...

Bitter APT Hackers Continue to Target Bangladesh Military Entities

Military entities located in Bangladesh continue to be at the receiving end of sustained cyberattacks by an advanced persistent threat tracked as Bitter. "Through malicious document files and intermediate malware stages the threat actors conduct espionage by deploying Remote Access Trojans,"...

HT Editor 2.0.18 File Opening Stack Overflow

No description provided by source. Exploit Title: HT Editor File openning Stack Overflow 0day Date: March 30th 2011 Author: ZadYree Software Link: http://hte.sourceforge.net/downloads.html Version: = 2.0.18 Tested on: Linux/Windows buffer padding may differ on W32 CVE : None !/usr/bin/perl =head1...

BeyondCHM 1.1 - Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= ============================================================================= BeyondCHM 1.1 Buffer Overflow price 32.56 EUR Url: http://www.beyondchm.com/ Author: shinnai...

mirc-hidden-files.txt

Date: Sat, 2 Jan 1999 06:15:04 -0500 From: Locke Nash Cole To: [email protected] Subject: Re: Win32 ICQ 98a flaw You can also do this in the popular mIRC IRC Client, althou it has no "Open" option so there is a less chance of the person running it, however in explorer "mypic..bmp .exe" Kinda...