51 matches found
Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
A threat actor with affiliations to China has been linked to a "multi-wave intrusion" targeting an unnamed Azerbaijani oil and gas company between late December 2025 and late February 2026, marking an expansion of its targeting. The activity has been attributed by Bitdefender with moderate-to-hig...
New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs
Cybersecurity researchers have discovered malicious code in an npm package after a malicious package as a dependency to the project by Anthropic's Claude Opus large language model LLM. The package in question is "@validate-sdk/v2," which is listed on npm as a utility software development kit SDK...
UAT-9244 targets South American telecommunication providers with three new malware implants
Cisco Talos is disclosing UAT-9244, who we assess with high confidence is a China-nexus advanced persistent threat APT actor closely associated with Famous Sparrow. Since 2024, UAT-9244 has targeted critical telecommunications infrastructure, including Windows and Linux-based endpoints and edge...
CVE-2025-27004
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Famous - Responsive Image And Video Grid Gallery WordPress Plugin famousgridimageandvideogallery allows Reflected XSS.This issue affects Famous - Responsive Image And Video Grid Galler...
CVE-2025-27004
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Famous - Responsive Image And Video Grid Gallery WordPress Plugin famousgridimageandvideogallery allows Reflected XSS.This issue affects Famous - Responsive Image And Video Grid Galler...
CVE-2025-27004 WordPress Famous - Responsive Image And Video Grid Gallery WordPress Plugin plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Famous - Responsive Image And Video Grid Gallery WordPress Plugin famousgridimageandvideogallery allows Reflected XSS.This issue affects Famous - Responsive Image And Video Grid Galler...
CVE-2025-27004
CVE-2025-27004 concerns a Reflected Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Famous - Responsive Image And Video Grid Gallery by LambertGroup. According to the CVE data and Wordfence report, the issue arises from improper neutralization of input during web page generation,...
CVE-2025-27004 WordPress Famous - Responsive Image And Video Grid Gallery WordPress Plugin plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Famous - Responsive Image And Video Grid Gallery WordPress Plugin famousgridimageandvideogallery allows Reflected XSS.This issue affects Famous - Responsive Image And Video Grid Galler...
WordPress Famous - Responsive Image And Video Grid Gallery WordPress Plugin plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability
WordPress Famous - Responsive Image And Video Grid Gallery WordPress Plugin plugin = 1.4 - Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Famous - Responsive Image And Video Grid Gallery WordPress Plugin versions = 1.4...
WordPress plugin Famous 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2026-1796
Name of the Vulnerable Software and Affected Versions Famous - Responsive Image And Video Grid Gallery WordPress Plugin versions through 1.4 Description The Famous - Responsive Image And Video Grid Gallery WordPress Plugin contains a flaw due to improper input neutralization during web page...
EUVD-2025-117390
Malicious code in famous-scarlet-dog npm...
EUVD-2025-117391
Malicious code in famous-beige-tern npm...
EUVD-2025-98964
Malicious code in famouscicadaz3n npm...
MAL-2025-119979 Malicious code in famous_whale_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe4886a691e02d721063b4f74020d360bdb8acdfd3dc10a34e44a9267ae557d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-79259
Malicious code in famousanacondaz3n npm...
EUVD-2025-81943
Malicious code in famousfirefly0xrequest npm...
EUVD-2025-81944
Malicious code in famousape0xrequest npm...
Malicious code in famous_angelfish_dumbs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7cdf055eb324b6f7ea517ff908216d3d7bba41fde32bf57126044d8246550ddd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-54413
Malicious code in famous-coral-fly npm...