1002 matches found
CVE-2021-37403
OX App Suite before 7.10.3-rev32 and 7.10.4 before 7.10.4-rev18 allows XSS via a code snippet (user-generated content) when a sharing link is created and an App Loader relative URL is used...
CVE-2020-2214
Jenkins ZAP Pipeline Plugin 1.9 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download...
Google Algorithm Slashes Reddit Traffic: What It Means for UGC Platforms
Reddit Struggles After Google's New Focus on Expertise...
CVE-2024-11861
creationtimestamp | type | source
---|---|---
2025-05-09 14:00:34+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114478234561896799
2025-05-09 14:26:15+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/15731
2025-05-09 15:07:36+00:00 | seen | ...
Microsoft partners with Global Anti-Scam Alliance to fight cybercrime
Being the victim of a scam can be devastating. Unfortunately, the number of people who can attest to the truth of this statement, either because they themselves have been scammed or because it has happened to someone they know, is growing. The Global Anti-Scam Alliance (GASA) reports that in 2024...
GIFDL: Generated Image Fluctuation Distortion Learning for Enhancing Steganographic Security
Minimum distortion steganography is currently the mainstream method for modification-based steganography. A key issue in this method is how to define steganographic distortion. With the rapid development of deep learning technology, the definition of distortion has evolved from manual design to...
OSV-2025-255 Security exception in com.github.javaparser.GeneratedJavaParser.Expression
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=407817254
Crash type: Security exception
Crash state:
com.github.javaparser.GeneratedJavaParser.Expression
java.base/java.lang.String.equals
com.github.javaparser.utils.LineSeparator.lookup...
PT-2025-16186 · Git +1 · Javaparser
Name of the Vulnerable Software and Affected Versions: JavaParser (affected versions not specified). Description: The software is susceptible to a security exception triggered during the parsing of Java expressions. The crash state involves com.github.javaparser.GeneratedJavaParser.Expression,...
“Nudify” deepfakes stored unprotected online
Yesterday, we told you about how millions of pictures from specialized dating apps had been stored online without any kind of password protection. Now it's the turn of an AI "nudify" service. A researcher, famous for finding unprotected cloud storage buckets, has uncovered an unprotected AWS buck...
Malicious code in aem-generated-project (npm)
AI-Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution
In this blog entry, we uncovered a campaign that uses fake GitHub repositories to distribute SmartLoader, which is then used to deliver Lumma Stealer and other malicious payloads. The campaign leverages GitHub’s trusted reputation to evade detection, using AI-generated content to make fake...
MAL-2025-2210 Malicious code in poc-genrateed-by-noob (RubyGems)
Source: ossf-package-analysis 2adff977f2503f0afe5fb20e3154fa4f8c9a3d0fa5dc7a96613fb5b9434673b4 The OpenSSF Package Analysis project identified 'poc-genrateed-by-noob' @ 0.1.0 (rubygems) as malicious. It is considered malicious because: - The...
TVs at HUD Played an AI-Generated Video of Donald Trump Kissing Elon Musk’s Feet
On Monday morning, TV sets at the headquarters of the Department of Housing and Urban Development played the seemingly AI-generated video on loop, along with the words “LONG LIVE THE REAL KING.”...
Rapid7 Fills Gaps in the CVE Assessment Process with AI-Generated Vulnerability Scoring in Exposure Command
NIST released an update highlighting that there would be delays in adding information on newly published CVEs (this is also discussed in detail in our blog post from March of 2024). Due to resource constraints and an inability to keep up with the volume of newly-disclosed vulnerabilities, NVD shift...
Intruder Enhances Free Vulnerability Intelligence Platform ‘Intel’ with AI-Generated CVE Descriptions
London, United Kingdom, 18th February 2025, CyberNewsWire...
AIs and Robots Should Sound Robotic
Most people know that robots no longer sound like tinny trash cans. They sound like Siri, Alexa, and Gemini. They sound like the voices in labyrinthine customer support phone trees. And even those robot voices are being made obsolete by new AI-generated voices that can mimic every vocal nuance an...
University site cloned to evade ad detection distributes fake Cisco installer
There is a constant "cat and mouse" game between defenders and attackers, the latter trying to outsmart and get a head start on the former. In the context of online advertising, this involves creating fake identities or using stolen ones to push out malicious ads. An attacker not only needs to...
AI-Generated Content: How Cybercriminals Are Using It for Phishing Scams
AI-generated content is empowering even novice hackers to elevate phishing attacks, enabling highly personalized and convincing scams targeting…...
Tackling AI threats. Advanced DFIR methods and tools for deepfake detection
TL;DR: AI-generated documents, videos and more pose significant challenges for DFIR. DFIR teams can harness innovative detection strategies and tooling. Digital fingerprinting and watermarking, AI-powered and behavioural analyses. Hardware-based forensics and image-specific forensic techniques...