2754 matches found
CVE-2026-24553
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Dotstore Fraud Prevention For Woocommerce woo-blocker-lite-prevent-fake-orders-and-blacklist-fraud-customers allows Retrieve Embedded Sensitive Data.This issue affects Fraud Prevention For Woocommerce: fro...
CVE-2026-24553
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Dotstore Fraud Prevention For Woocommerce woo-blocker-lite-prevent-fake-orders-and-blacklist-fraud-customers allows Retrieve Embedded Sensitive Data.This issue affects Fraud Prevention For Woocommerce: fro...
CVE-2026-24553
CVE-2026-24553 describes an exposure of embedded sensitive data in the WordPress plugin “Fraud Prevention For WooCommerce” (also listed as woo-blocker-lite-prevent-fake-orders-and-blacklist-fraud-customers) affecting versions n/a through 2.3.1. The vulnerability is a data exposure flaw that could...
CVE-2026-24553
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Dotstore Fraud Prevention For Woocommerce woo-blocker-lite-prevent-fake-orders-and-blacklist-fraud-customers allows Retrieve Embedded Sensitive Data.This issue affects Fraud Prevention For Woocommerce: fro...
CVE-2026-24553 WordPress Fraud Prevention For Woocommerce plugin <= 2.3.2 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Dotstore Fraud Prevention For Woocommerce woo-blocker-lite-prevent-fake-orders-and-blacklist-fraud-customers allows Retrieve Embedded Sensitive Data.This issue affects Fraud Prevention For Woocommerce: fro...
CVE-2026-24553 WordPress Fraud Prevention For Woocommerce plugin <= 2.3.2 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Dotstore Fraud Prevention For Woocommerce woo-blocker-lite-prevent-fake-orders-and-blacklist-fraud-customers allows Retrieve Embedded Sensitive Data.This issue affects Fraud Prevention For Woocommerce: fro...
WordPress Plugin: Fraud Prevention for Woocommerce – Security Vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-4396
Name of the Vulnerable Software and Affected Versions Dotstore Fraud Prevention For Woocommerce versions n/a through 2.3.1 Description A flaw exists in Dotstore Fraud Prevention For Woocommerce that allows retrieval of embedded sensitive data, potentially exposing system information to unauthoriz...
WordPress Fraud Prevention For Woocommerce plugin <= 2.3.2 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin Fraud Prevention For Woocommerce versions = 2.3.2...
Improving Methodologies for Agentic Evaluations across Domains: Leakage of Sensitive Information, Fraud and Cybersecurity Threats
The rapid rise of autonomous AI systems and advancements in agent capabilities are introducing new risks due to reduced oversight of real-world interactions. Yet agent testing remains nascent and is still a developing science. As AI agents begin to be deployed globally, it is important that they...
Dutch police sell fake tickets to show how easily scams work
If you can’t beat them, copy them. That seems to be the thinking behind an unusual campaign by the Dutch police, who set up a fake ticket website selling tickets that don’t exist. The website, TicketBewust.nl, invites people to order tickets for events like football matches and concerns. But the...
Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations
Over the past year, Microsoft Threat Intelligence observed the proliferation of RedVDS, a virtual dedicated server VDS provider used by multiple financially motivated threat actors to commit business email compromise BEC, mass phishing, account takeover, and financial fraud. Microsoft’s...
Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations
Over the past year, Microsoft Threat Intelligence observed the proliferation of RedVDS, a virtual dedicated server VDS provider used by multiple financially motivated threat actors to commit business email compromise BEC, mass phishing, account takeover, and financial fraud. Microsoft’s...
New OPCOPRO Scam Uses AI and Fake WhatsApp Groups to Defraud Victim
Meet OPCOPRO, an online scam that builds a fake AI-run world like The Truman Show using WhatsApp and apps to steal IDs via fake KYC and investments...
Researchers Uncover Service Providers Fueling Industrial-Scale Pig Butchering Fraud
Cybersecurity researchers have shed light on two service providers that supply online criminal networks with the necessary tools and infrastructure to fuel the pig butchering-as-a-service PBaaS economy. At least since 2016, Chinese-speaking criminal groups have erected industrial-scale scam cente...
A High-Recall Cost-Sensitive Machine Learning Framework for Real-Time Online Banking Transaction Fraud Detection
Fraudulent activities on digital banking services are becoming more intricate by the day, challenging existing defenses. While older rule driven methods struggle to keep pace, even precision focused algorithms fall short when new scams are introduced. These tools typically overlook subtle shifts ...
Europol Raids Disrupt Black Axe Cybercrime Ring in Spain
Authorities caught 34 members of the notorious Black Axe gang in Spain known for stealing millions of Euros through online romance scams and email fraud...
Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime
Europol on Friday announced the arrest of 34 individuals in Spain who are alleged to be part of an international criminal organization called Black Axe. As part of an operation conducted by the Spanish National Police, in coordination with the Bavarian State Criminal Police Office and Europol, 28...
CVE-2021-22979
On BIG-IP version 16.0.x before 16.0.1, 15.1.x before 15.1.1, 14.1.x before 14.1.2.8, 13.1.x before 13.1.3.5, and all 12.1.x versions, a reflected Cross-Site Scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility when Fraud Protection Service is provisioned...
CVE-2026-21447
Bagisto is an open source laravel eCommerce platform. Prior to version 2.3.10, an Insecure Direct Object Reference vulnerability in the customer order reorder function allows any authenticated customer to add items from another customer's order to their own shopping cart by manipulating the order...