Razer Sila Gaming Router 2.0.441_api-2.0.418 - Local File Inclusion

Razer Sila Gaming Router 2.0.441api-2.0.418 is vulnerable to local file inclusion which could allow attackers to read arbitrary files. id: CVE-2022-29014 info: name: Razer Sila Gaming Router 2.0.441api-2.0.418 - Local File Inclusion author: edoardottt severity: high description: Razer Sila Gaming...

Razer Sila Gaming Router - Remote Code Execution

A command injection in the command parameter of Razer Sila Gaming Router v2.0.441api-2.0.418 allows attackers to execute arbitrary commands via a crafted POST request. id: CVE-2022-29013 info: name: Razer Sila Gaming Router - Remote Code Execution author: DhiyaneshDK severity: critical descriptio...

Acer Predator Connect W6x 安全漏洞

The Acer Predator Connect W6x is a series of high-performance Wi-Fi 6/6E gaming routers produced by Acer of Taiwan, China. The Acer Predator Connect W6x has a security vulnerability. This vulnerability arises from the improper validation of the HTTP Authorization header by the Web endpoint of the...

Acer Predator Connect W6x 代码注入漏洞

The Acer Predator Connect W6x is a series of high-performance Wi-Fi 6/6E gaming routers produced by Acer of Taiwan, China. The Acer Predator Connect W6x has a code injection vulnerability, which stems from allowing injections and execution of arbitrary shell commands...

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2026-9082 CVSS score: 6.5, an...

Securing the gaming culture of cultures

The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...

@drop-in-gaming/core (=0.1.7), demo-message (=1.0.0) +16 more potentially affected by unknown CVE via canvas-nest.js (>=2.0.3 <=2.0.4)

canvas-nest.js NPM version =2.0.3, =1.0.3, =1.0.0, =1.0.0, =1.0.18, =0.6.32, =0.4.17, =0.0.1, =1.0.0, =1.0.2 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-4131...

May 12, 2026—KB5089548 (OS Build 28000.2113)

May 12, 2026—KB5089548 OS Build 28000.2113 ​​​​​This cumulative update for Windows 11, version 26H1 KB5089548 includes the latest security fixes and improvements, along with non-security updates from last month's optional preview release. Visit the Windows release health dashboard for the latest...

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a video game platform in a supply chain espionage attack, trojanizing its components with a backdoor called BirdCall to likely target ethnic Koreans residing in China. While prior versions of the backdoor hav...

Hackers Use Jenkins Access to Deploy DDoS Botnet Against Gaming Servers

A new campaign shows misconfigured Jenkins servers abused to deploy a DDoS botnet targeting gaming systems, with Valve Corporation infrastructure in focus...

MAL-2026-3203 Malicious code in buffparser (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5cc891132b1216e9093bcdd4581373dc7f750f700c82347c28bd1dff079261d8 Described as a utility for gaming, the code starts a reverse shell when using the exposed alledegdly parsing function. --- Category: MALICIOUS - The campaign h...

From fake Proton VPN sites to gaming mods, this Windows infostealer is everywhere

We’ve uncovered multiple campaigns distributing an infostealer we track as NWHStealer , using everything from fake VPN downloads to hardware utilities and gaming mods. What makes this campaign stand out isn’t just the malware, but how widely and convincingly it’s being spread. Once installed, it...

CVE-2026-5420

A security flaw has been discovered in Shinrays Games Goods Triple App up to 1.200. The affected element is an unknown function of the file jRwTX.java of the component cats.goods.sort.sorting.games. Performing a manipulation of the argument AESIV/AESPASSWORD results in use of hard-coded...

Wave Browser Brings Gaming Tools and Ocean Cleanup into the Same Tab

Wave Browser for gaming: built for multitasking, streaming, and tabs, with tools for gamers plus ocean cleanup support tied to everyday browsing activity...

Playnance Introduces Participation-First Model for Social Gaming with New Protocol Launch

Playnance launches social gaming protocol powered by GCOIN, enabling user participation in ecosystem value, transparency, and shared digital growth...

MAL-2026-1578 Malicious code in browser-gaming-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6192938bfd5be1cecf133866c6e290b57293bede88ca5b11d8af9aab40bae003 The package browser-gaming-client was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in browser-gaming-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6192938bfd5be1cecf133866c6e290b57293bede88ca5b11d8af9aab40bae003 The package browser-gaming-client was found to contain malicious code. Source: ossf-package-analysis...

New Vidar 2.0 Infostealer Spreads via Fake Game Cheats on GitHub, Reddit

The new infostealer campaign spreads Vidar 2.0 via fake game cheats on GitHub and Reddit, stealing crypto, login tokens, and files while targeting young gamers ignoring security warnings...

Gaming Clans Become Growth Engine for Playnance Ecosystem

Playnance partners with KGeN, connecting its Web3 gaming ecosystem to 53M gamers and 30K clans through community-driven platforms...

Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms

Threat actors are luring unsuspecting users into running trojanized gaming utilities that are distributed via browsers and chat platforms to distribute a remote access trojan RAT. "A malicious downloader staged a portable Java runtime and executed a malicious Java archive JAR file named...