13 matches found
Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2026-9082 CVSS score: 6.5, an...
Scammers Unleash Flood of Slick Online Gaming Sites
Fraudsters are flooding Discord and other social media platforms with ads for hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited by players. Here's a closer look at the social engineering tacti...
Rust-based Myth Stealer Malware Spread via Fake Gaming Sites Targets Chrome, Firefox Users
Cybersecurity researchers have shed light on a previously undocumented Rust-based information stealer called Myth Stealer that's being propagated via fraudulent gaming websites. "Upon execution, the malware displays a fake window to appear legitimate while simultaneously decrypting and executing...
FBI Denies Service to 15 DDoS-for-Hire Sites, Charges Operators
The Justice Department has taken 15 internet domains associated with DDoS-for-hire services offline, and has filed charges against three defendants who allegedly ran them. DDoS for hire or DDoS-as-a-service operations make it simple for any layperson to carry out DDoS attacks, flooding targets wi...
'DerpTroll' Faces 10 Years in Prison for DDoSing Gaming Sites as a Teen
After a short but disruptive career knocking popular online gaming sites offline for sport, Austin Thompson, a.k.a. “DerpTroll,” has pleaded guilty to hacking charges. He faces a maximum penalty of 10 years prison and a $250,000 fine. Thompson, a 23-year-old Utah resident, made his plea on Tuesda...
Mail.ru: Излишние права при авторизации через интерфейс mail.ru
account.mail.ru allows user to be authenticated by external mail password. If user is authenticated with external e-mail and e-mail's password via account.mail.ru interface, he can access some of the gaming sites without additional authentication, though these sites can use different account...
MangosWeb SQL Injection Vulnerability
No description provided by source. EXPLOIT TITLE: MangosWeb SQL Vulnerability DATE: 1/7/2012 BY Hood3dRob1n AFFECTED PRODUCTS: MangosWeb Enhanced Version 3.0.3 SW LINK: http://code.google.com/p/mwenhanced/ CATEGORY: WebApp 0day DORK: intext:MangosWeb ENhanced Version 3.0.3 @2009-2011, KeysWow Dev...
OneCMS 2.4 - Remote SQL Injection / Upload Vulnerabilities
No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title: OneCMS Vulnerabilities Vendor: http://www.insanevisions.com Bugs: SQL Injection Authentication bypass , Arbitrary file upload! Vulnerable Version: 2.4 prior versions also may be affected Exploitation: Remo...
New Malware, JKDDOS, Targets Commodities Investment Firms
Researchers at Arbor Networks say they have discovered unique samples of a new family of malware that is targeting large investmen firms with holdings in the commodities markets, especially the mining industry. The malware, dubbed ‘JKDDOS,’ is used to launch distributed denial of service DDOS...
Cyber Gang War: Korean Crime Duo Nabbed for Web Attacks !
Several members of a Korean crime gang were arrested this past Sunday Jan. 9 for hiring hackers to launch distributed denial-of-service attacks DDoS against gaming sites owned by rival gangsters. The Korea Times reports four members of a crime gang based in Incheon, South Korea hired a hacker,...
OneCMS 2.4 Remote SQL Injection / Upload Vulnerabilities
No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title: OneCMS Vulnerabilities Vendor: http://www.insanevisions.com Bugs: SQL Injection Authentication bypass , Arbitrary file upload! Vulnerable Version: 2.4 prior versions also may be affected Exploitation: Remo...
onecms-sql.txt
WwW.BugReport.ir AmnPardaz Security Research Team Title: OneCMS Vulnerabilities Vendor: http://www.insanevisions.com Bugs: SQL Injection Authentication bypass , Arbitrary file upload! Vulnerable Version: 2.4 prior versions also may be affected Exploitation: Remote with browser Fix Available: No! ...
OneCMS 2.4 - SQL Injection / Upload
WwW.BugReport.ir AmnPardaz Security Research Team Title: OneCMS Vulnerabilities Vendor: http://www.insanevisions.com Bugs: SQL Injection Authentication bypass , Arbitrary file upload! Vulnerable Version: 2.4 prior versions also may be affected Exploitation: Remote with browser Fix Available: No! ...