115 matches found
EUVD-2021-20109
Malware in sbrugna...
EUVD-2021-20931
Malware in sbrugna...
EUVD-2023-40747
Malicious code in bioql PyPI...
Cybersecurity Trends 2025: What’s Really Coming for Your Digital Defenses
Cybersecurity trends in 2025 reveal rising AI threats, quantum risks, and supply chain attacks, pushing firms to adapt or face major data and financial losses...
FBI Seizes Major Sites Sharing Unreleased and Pirated Video Games
FBI seizes top piracy sites leaking unreleased and pirated video games with millions of downloads and 170 million dollars in losses for developers and publishers...
Scattered Spider’s Strategic Hunt: Is Your Industry Next?
Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Introduction In April 2025, a single phone call didn’t just ‘help crash’ Marks & Spencer’s...
Scattered Spider’s Strategic Hunt: Is Your Industry Next?
Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Introduction In April 2025, a single phone call didn’t just ‘help crash’ Marks & Spencer’s...
Big Tech’s Mixed Response to U.S. Treasury Sanctions
In May 2025, the U.S. government sanctioned a Chinese national for operating a cloud provider linked to the majority of virtual currency investment scam websites reported to the FBI. But a new report finds the accused continues to operate a slew of established accounts at American tech companies ...
U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
Image: Shutterstock, ArtHead. The U.S. government today imposed economic sanctions on Funnull Technology Inc. , a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams known as “pig butchering." In Janua...
CVE-2023-47034
A vulnerability in UniswapFrontRunBot 0xdB94c allows attackers to cause financial losses via unspecified vectors...
CVE-2021-34270
An integer overflow in the mintToken function of a smart contract implementation for Doftcoin Token, an Ethereum ERC20 token, allows the owner to cause unexpected financial losses...
PT-2025-17679 · Abb · Abb Mv Drives
Name of the Vulnerable Software and Affected Versions: ABB MV Drives affected versions not specified Description: A denial-of-service DoS issue could incapacitate industrial processes, leading to operational delays and financial losses. Recommendations: At the moment, there is no information abou...
How PAM Mitigates Insider Threats: Preventing Data Breaches, Privilege Misuse, and More
When people think of cybersecurity threats, they often picture external hackers breaking into networks. However, some of the most damaging breaches stem from within organizations. Whether through negligence or malicious intent, insiders can expose your organization to significant cybersecurity...
Payment Manipulation
Sylius PayPal Plugin is vulnerable to Payment Manipulation. The vulnerability is due to PayPal not receiving updated totals after item quantity changes, allowing attackers to pay less than the actual order value, causing financial losses for merchants...
GHSA-HXG4-65P5-9W37 Sylius PayPal Plugin has an Order Manipulation Vulnerability after PayPal Checkout
A discovered vulnerability allows users to modify their shopping cart after completing the PayPal Checkout process and payment authorization. If a user initiates a PayPal transaction from a product page or the cart page and then returns to the order summary page, they can still manipulate the car...
CVE-2025-29788
The Syliud PayPal Plugin is the Sylius Core Team’s plugin for the PayPal Commerce Platform. A vulnerability in versions prior to 1.6.1, 1.7.1, and 2.0.1 allows users to manipulate the final payment amount processed by PayPal. If a user modifies the item quantity in their shopping cart after...
CVE-2025-29788 Sylius PayPal Plugin Payment Amount Manipulation Vulnerability
The Syliud PayPal Plugin is the Sylius Core Team’s plugin for the PayPal Commerce Platform. A vulnerability in versions prior to 1.6.1, 1.7.1, and 2.0.1 allows users to manipulate the final payment amount processed by PayPal. If a user modifies the item quantity in their shopping cart after...
How Scalping Bots Exploited a Vulnerable API to Disrupt Online Retail Sales
In the fast-paced world of online retail, where customer satisfaction and availability are paramount, a sudden attack by scalping bots can disrupt operations, inflate costs, and damage reputation. A North American Online Retailer faced a month-long bot attack that targeted their inventory system,...
How AI was used in an advanced phishing campaign targeting Gmail users
In May, 2024, the FBI warned about the increasing threat of cybercriminals using Artificial Intelligence AI in their scams. At the time, FBI Special Agent in Charge Robert Tripp said: “Attackers are leveraging AI to craft highly convincing voice or video messages and emails to enable fraud scheme...
Perfect Fit or Business Threat? How to Mitigate the Risk of Rogue Employees
Rogue employees present significant financial and cybersecurity risks to organizations. Rapid7 threat researchers and penetration testers are actively observing how malicious actors exploit hiring pipelines to infiltrate businesses. This blog highlights real-world tactics, including: Insider...