Credit Resources Vault: Why this credit email set off our scam alarms

If there is anything that annoys me more than a scammer, it's companies that behave like one, while staying just on the right side of the law. They manage to linger and disappoint customers for years. It's also why sometimes people think that Malwarebytes Scam Guard can be overly cautious when...

How exposed is your code? Find out in minutes—for free

Most security leaders share the same suspicion: there are vulnerabilities in our codebase that we don't know about. The uncomfortable truth is that most code never gets a thorough security review. Vulnerabilities accumulate quietly in active repositories, across languages and teams, often...

EUVD-2026-15365

In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...

CVE-2026-23375

In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...

CVE-2026-23200 ipv6: Fix ECMP sibling count mismatch when clearing RTF_ADDRCONF

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix ECMP sibling count mismatch when clearing RTFADDRCONF syzbot reported a kernel BUG in fib6addrt2node when adding an IPv6 route. 0 Commit f72514b3c569 "ipv6: clear RA flags when adding a static route" introduced logic to...

Virtuozzo Hybrid Infrastructure 6.2 Update 1 Hotfix 7 (6.2.1-97)

This update provides stability fixes and support for cumulative updates. Clusters running version 6.2.1 or later can now upgrade directly to the latest available version in a single step. Vulnerability id: VSTOR-91715 Failed to retry updating the kernel. Vulnerability id: VSTOR-93149, VSTOR-10082...

Virtuozzo Hybrid Infrastructure 6.3 Update 1 Hotfix 3 (6.3.1-133)

This update provides stability fixes and support for cumulative updates. Clusters running version 6.3.1 or later can now upgrade directly to the latest available version in a single step. Vulnerability id: VSTOR-105770 A stability fix for vstorage-mount. Vulnerability id: VSTOR-104585, VSTOR-1065...

EUVD-2024-21526

Malicious code in bioql PyPI...

EUVD-2025-29259

Malicious code in bioql PyPI...

EUVD-2024-1663

Malicious code in bioql PyPI...

CVE-2025-10477

A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The affected element is an unknown function of the file /Profilers/PriProfile/eligibility.php. Such manipulation of the argument Branch leads to sql injection. The attack can be launched...

CVE-2025-10477

A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The affected element is an unknown function of the file /Profilers/PriProfile/eligibility.php. Such manipulation of the argument Branch leads to sql injection. The attack can be launched...

CVE-2025-10477

A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The affected element is an unknown function of the file /Profilers/PriProfile/eligibility.php. Such manipulation of the argument Branch leads to sql injection. The attack can be launched...

CVE-2025-10477 kidaze CourseSelectionSystem eligibility.php sql injection

A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The affected element is an unknown function of the file /Profilers/PriProfile/eligibility.php. Such manipulation of the argument Branch leads to sql injection. The attack can be launched...

CVE-2025-10477 kidaze CourseSelectionSystem eligibility.php sql injection

A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The affected element is an unknown function of the file /Profilers/PriProfile/eligibility.php. Such manipulation of the argument Branch leads to sql injection. The attack can be launched...

CVE-2025-10477

CVE-2025-10477 affects kidaze CourseSelectionSystem. The vulnerability is a SQL injection caused by manipulation of the Branch argument in an unknown function within /Profilers/PriProfile/eligibility.php. It is exploitable remotely, and publicly available exploits exist. The product does not use ...

CourseSelectionSystem SQL注入漏洞

CourseSelectionSystem is a simple online course selection system by the individual developer of kidaze. CourseSelectionSystem suffers from a SQL injection vulnerability that stems from a misuse of the parameter Branch in the file /Profilers/PriProfile/eligibility.php, which could lead to a SQL...

US Government Begins $200M Payouts to Backpage Trafficking Victims

The US DOJ has announced the largest-ever compensation process for human trafficking victims of Backpage. Learn about the $200M fund, who is eligible, and the steps to file a petition before the February 2, 2026, deadline. This comes years after the site's seizure, as previously reported by...

AT&T Reaches $177M Deal Over 2019 and 2024 Data Breaches

AT&T's $177M data breach settlement. Check eligibility for payouts from 2019 and 2024 incidents. Get claim details here...

CVE-2024-24101

Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection under Eligibility Information Update...