70 matches found
Malicious code in @budetzz/baileys (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c79c7b873a8ea61831fdfd7b987de0efbf8944d2fd407a8dca4b70042a3d029c This package is a republished fork of @whiskeysockets/baileys that adds two undocumented network behaviors. 1 lib/Socket/newsletter.js line 111...
Malicious code in darkig (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7589c67c4429eabd010f891cb17f893ee11ec3cb873d4a31095cc3592134f762 Instagram hacking tool that also forces the user to follow hardcoded accounts. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
CVE-2025-41711 Use of a Broken or Risky Cryptographic Algorithm for firmware images of power analyzer
An unauthenticated remote attacker can use firmware images to extract password hashes and brute force plaintext passwords of accounts with limited access...
EUVD-2018-21620
Galaxy Forces MMORPG 0.5.8 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'type' parameter. Attackers can send POST requests to ads.php with crafted SQL payloads in the type parameter to extract...
CVE-2018-25165
Galaxy Forces MMORPG 0.5.8 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'type' parameter. Attackers can send POST requests to ads.php with crafted SQL payloads in the type parameter to extract...
CVE-2018-25165 Galaxy Forces MMORPG 0.5.8 SQL Injection via ads.php
Galaxy Forces MMORPG 0.5.8 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'type' parameter. Attackers can send POST requests to ads.php with crafted SQL payloads in the type parameter to extract...
CVE-2018-25165
Galaxy Forces MMORPG 0.5.8 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'type' parameter. Attackers can send POST requests to ads.php with crafted SQL payloads in the type parameter to extract...
CVE-2018-25165 Galaxy Forces MMORPG 0.5.8 SQL Injection via ads.php
Galaxy Forces MMORPG 0.5.8 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'type' parameter. Attackers can send POST requests to ads.php with crafted SQL payloads in the type parameter to extract...
Galaxy Forces MMORPG SQL注入漏洞
Galaxy Forces MMORPG is a multiplayer online role-playing game developed by zoltarx. Version 0.5.8 of Galaxy Forces MMORPG has a SQL injection vulnerability. This vulnerability stems from the SQL injection in the type parameter of the ads.php file, which may allow for the execution of arbitrary S...
PT-2026-23677
Galaxy Forces MMORPG 0.5.8 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'type' parameter. Attackers can send POST requests to ads.php with crafted SQL payloads in the type parameter to extract...
Moltbook, the Social Network for AI Agents, Exposed Real Humans’ Data
Plus: Apple’s Lockdown mode keeps the FBI out of a reporter’s phone, Elon Musk’s Starlink cuts off Russian forces, and more...
ICE and Qatari Security Forces at the Winter Olympics Put Italians on Edge
The influx of security personnel from around the world is sparking concern among Italians ahead of the Milano Cortina Olympic Games...
Digital Sovereignty Control Framework for Military AI-Based Cyber Security
In today's evolving threat landscape, ensuring digital sovereignty has become mandatory for military organizations, especially given their increased development and investment in AI-driven cyber security solutions. To this end, a multi-angled framework is proposed in this article in order to defi...
US and UK Military Social Network “Forces Penpals” Exposes SSN, PII Data
Forces Penpals, a social network for US and UK military personnel, exposed the sensitive data of 1.1M users,…...
SPECTR Malware Targets Ukraine Defense Forces in SickSync Campaign
The Computer Emergency Response Team of Ukraine CERT-UA has warned of cyber attacks targeting defense forces in the country with a malware called SPECTR as part of an espionage campaign dubbed SickSync. The agency attributed the attacks to a threat actor it tracks under the moniker UAC-0020, whic...
Inside Ukraine’s Killer-Drone Startup Industry
Ukraine needs small drones to combat Russian forces—and is bootstrapping its own industry at home...
New IDAT Loader Attacks Using Steganography to Deploy Remcos RAT
Ukrainian entities based in Finland have been targeted as part of a malicious campaign distributing a commercial remote access trojan known as Remcos RAT using a malware loader called IDAT Loader. The attack has been attributed to a threat actor tracked by the Computer Emergency Response Team of...
Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network
Chinese state-backed hackers broke into a computer network that's used by the Dutch armed forces by targeting Fortinet FortiGate devices. "This computer network was used for unclassified research and development R&D," the Dutch Military Intelligence and Security Service MIVD said in a statement...
U.S. Government Blacklists Cytrox and Intellexa Spyware Vendors for Cyber Espionage
The U.S. government on Tuesday added two foreign commercial spyware vendors, Cytrox and Intellexa, to an economic blocklist for weaponizing cyber exploits to gain unauthorized access to devices and "threatening the privacy and security of individuals and organizations worldwide." This includes th...
CVE-2023-36924
While using a specific function, SAP ERP Defense Forces and Public Security - versions 600, 603, 604, 605, 616, 617, 618, 802, 803, 804, 805, 806, 807, allows an authenticated attacker with admin privileges to write arbitrary data to the syslog file. On successful exploitation, an attacker could...