Lucene search
K

115 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-20109

Malware in sbrugna...

7.5CVSS7.6AI score0.01196EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-20931

Malware in sbrugna...

7.5CVSS7.6AI score0.01072EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-40747

Malicious code in bioql PyPI...

9.1CVSS9AI score0.00577EPSS
Exploits0References1
HackRead
HackRead
added 2025/07/30 8:22 p.m.5 views

Cybersecurity Trends 2025: What’s Really Coming for Your Digital Defenses

Cybersecurity trends in 2025 reveal rising AI threats, quantum risks, and supply chain attacks, pushing firms to adapt or face major data and financial losses...

7.3AI score
Exploits0
HackRead
HackRead
added 2025/07/11 9:22 p.m.6 views

FBI Seizes Major Sites Sharing Unreleased and Pirated Video Games

FBI seizes top piracy sites leaking unreleased and pirated video games with millions of downloads and 170 million dollars in losses for developers and publishers...

7.4AI score
Exploits0
hivepro
hivepro
added 2025/07/08 2:0 p.m.6 views

Scattered Spider’s Strategic Hunt: Is Your Industry Next?

Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Introduction In April 2025, a single phone call didn’t just ‘help crash’ Marks & Spencer’s...

7.8AI score
Exploits0
hivepro
hivepro
added 2025/07/08 2:0 p.m.8 views

Scattered Spider’s Strategic Hunt: Is Your Industry Next?

Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Introduction In April 2025, a single phone call didn’t just ‘help crash’ Marks & Spencer’s...

7.8AI score
Exploits0
Krebs on Security
Krebs on Security
added 2025/07/03 4:6 p.m.8 views

Big Tech’s Mixed Response to U.S. Treasury Sanctions

In May 2025, the U.S. government sanctioned a Chinese national for operating a cloud provider linked to the majority of virtual currency investment scam websites reported to the FBI. But a new report finds the accused continues to operate a slew of established accounts at American tech companies ...

7.4AI score
Exploits0
Krebs on Security
Krebs on Security
added 2025/05/30 1:55 a.m.16 views

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams

Image: Shutterstock, ArtHead. The U.S. government today imposed economic sanctions on Funnull Technology Inc. , a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams known as “pig butchering." In Janua...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 5:16 a.m.9 views

CVE-2023-47034

A vulnerability in UniswapFrontRunBot 0xdB94c allows attackers to cause financial losses via unspecified vectors...

7.5CVSS6.9AI score0.00388EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:50 p.m.6 views

CVE-2021-34270

An integer overflow in the mintToken function of a smart contract implementation for Doftcoin Token, an Ethereum ERC20 token, allows the owner to cause unexpected financial losses...

7.5CVSS7.1AI score0.01072EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/04/23 12:0 a.m.10 views

PT-2025-17679 · Abb · Abb Mv Drives

Name of the Vulnerable Software and Affected Versions: ABB MV Drives affected versions not specified Description: A denial-of-service DoS issue could incapacitate industrial processes, leading to operational delays and financial losses. Recommendations: At the moment, there is no information abou...

6.5AI score
Exploits0References2
The Hacker News
The Hacker News
added 2025/03/26 10:15 a.m.13 views

How PAM Mitigates Insider Threats: Preventing Data Breaches, Privilege Misuse, and More

When people think of cybersecurity threats, they often picture external hackers breaking into networks. However, some of the most damaging breaches stem from within organizations. Whether through negligence or malicious intent, insiders can expose your organization to significant cybersecurity...

7.6AI score
Exploits0
Veracode
Veracode
added 2025/03/21 2:32 a.m.10 views

Payment Manipulation

Sylius PayPal Plugin is vulnerable to Payment Manipulation. The vulnerability is due to PayPal not receiving updated totals after item quantity changes, allowing attackers to pay less than the actual order value, causing financial losses for merchants...

6.5CVSS6.6AI score0.00464EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2025/03/19 4:46 p.m.10 views

GHSA-HXG4-65P5-9W37 Sylius PayPal Plugin has an Order Manipulation Vulnerability after PayPal Checkout

A discovered vulnerability allows users to modify their shopping cart after completing the PayPal Checkout process and payment authorization. If a user initiates a PayPal transaction from a product page or the cart page and then returns to the order summary page, they can still manipulate the car...

6.5CVSS6.3AI score0.00323EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/03/19 2:27 p.m.10 views

CVE-2025-29788

The Syliud PayPal Plugin is the Sylius Core Team’s plugin for the PayPal Commerce Platform. A vulnerability in versions prior to 1.6.1, 1.7.1, and 2.0.1 allows users to manipulate the final payment amount processed by PayPal. If a user modifies the item quantity in their shopping cart after...

6.5CVSS6.7AI score0.00464EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/17 1:25 p.m.8 views

CVE-2025-29788 Sylius PayPal Plugin Payment Amount Manipulation Vulnerability

The Syliud PayPal Plugin is the Sylius Core Team’s plugin for the PayPal Commerce Platform. A vulnerability in versions prior to 1.6.1, 1.7.1, and 2.0.1 allows users to manipulate the final payment amount processed by PayPal. If a user modifies the item quantity in their shopping cart after...

6.5CVSS6.2AI score0.00464EPSS
Exploits0References6
Imperva Blog
Imperva Blog
added 2025/02/28 1:39 a.m.12 views

How Scalping Bots Exploited a Vulnerable API to Disrupt Online Retail Sales

In the fast-paced world of online retail, where customer satisfaction and availability are paramount, a sudden attack by scalping bots can disrupt operations, inflate costs, and damage reputation. A North American Online Retailer faced a month-long bot attack that targeted their inventory system,...

7.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/02/13 9:8 p.m.7 views

How AI was used in an advanced phishing campaign targeting Gmail users

In May, 2024, the FBI warned about the increasing threat of cybercriminals using Artificial Intelligence AI in their scams. At the time, FBI Special Agent in Charge Robert Tripp said: “Attackers are leveraging AI to craft highly convincing voice or video messages and emails to enable fraud scheme...

7.5AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2025/01/16 4:0 p.m.13 views

Perfect Fit or Business Threat? How to Mitigate the Risk of Rogue Employees

Rogue employees present significant financial and cybersecurity risks to organizations. Rapid7 threat researchers and penetration testers are actively observing how malicious actors exploit hiring pipelines to infiltrate businesses. This blog highlights real-world tactics, including: Insider...

7.3AI score
Exploits0
Rows per page
Query Builder