Traccar 跨站脚本漏洞

Traccar is a Java-based website monitoring system developed by the American company Traccar. This software supports over 170 GPS protocols and over 1,500 types of GPS tracking devices. Traccar can be used alongside any major SQL database systems. It also provides a user-friendly REST API. Version...

Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware

A suspected Iran-nexus threat actor has been attributed to a campaign targeting government officials in Iraq by impersonating the country's Ministry of Foreign Affairs to deliver a set of never-before-seen malware. Zscaler ThreatLabz, which observed the activity in January 2026, is tracking the...

EUVD-2022-50997

Malicious code in bioql PyPI...

EUVD-2022-50998

Malicious code in bioql PyPI...

EUVD-2022-47491

Malicious code in bioql PyPI...

Finding Phones Fast: Low-Latency and Scalable Monitoring of Cellular Communications in Sensitive Areas

The widespread availability of cellular devices introduces new threat vectors that allow users or attackers to bypass security policies and physical barriers and bring unauthorized devices into sensitive areas. These threats can arise from user non-compliance or deliberate actions aimed at data...

Credential Theft and Remote Access Surge as AllaKore, PureRAT, and Hijack Loader Proliferate

Mexican organizations are still being targeted by threat actors to deliver a modified version of AllaKore RAT and SystemBC as part of a long-running campaign. The activity has been attributed by Arctic Wolf Labs to a financially motivated hacking group called Greedy Sponge. It's believed to be...

CVE-2022-48298

The geofencing kernel code does not verify the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access...

CVE-2022-44549

The LBS module has a vulnerability in geofencing API access. Successful exploitation of this vulnerability may cause third-party apps to access the geofencing APIs without authorization, affecting user confidentiality...

CVE-2022-48297

The geofencing kernel code has a vulnerability of not verifying the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access...

TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer

A threat actor tracked as TA547 has targeted dozens of German organizations with an information stealer called Rhadamanthys as part of an invoice-themed phishing campaign. "This is the first time researchers observed TA547 use Rhadamanthys, an information stealer that is used by multiple...

TimbreStealer Malware Spreading via Tax-themed Phishing Scam Targets IT Users

Mexican users have been targeted with tax-themed phishing lures at least since November 2023 to distribute a previously undocumented Windows malware called TimbreStealer. Cisco Talos, which discovered the activity, described the authors as skilled and that the "threat actor has previously used...

TimbreStealer campaign targets Mexican users with financial lures

Cisco Talos has discovered a new campaign operated by a threat actor distributing a previously unknown malware were calling "TimbreStealer." This threat actor was observed distributing TimbreStealer via a spam campaign using Mexican tax-related themes starting in at least November 2023. The threa...

Banking Trojans Target Latin America and Europe Through Google Cloud Run

Cybersecurity researchers are warning about a spike in email phishing campaigns that are weaponizing the Google Cloud Run service to deliver various banking trojans such as Astaroth aka Guildma, Mekotio, and Ousaban aka Javali to targets across Latin America LATAM and Europe. "The infection chain...

PX4 Drone Autopilot Security Vulnerability

PX4 Drone Autopilot is a PX4 Drone Autopilot for Drones open source. A security vulnerability exists in PX4 Drone Autopilot version 1.14 and earlier versions that stems from a lack of a synchronization mechanism for loading geofencing data...

Saints Turned Evil

Saints Turned Evil By Daksh Kapur and Rohan Shah · January 2, 2024 This blog was also written by Sushant Kumar Arya Attribution at the Bottom As technology advances, attackers are constantly developing new evasion mechanisms to bypass security products and stay one step ahead of security vendors...

Alert: Chinese-Speaking Hackers Pose as UAE Authority in Latest Smishing Wave

The Chinese-speaking threat actors behind Smishing Triad have been observed masquerading as the United Arab Emirates Federal Authority for Identity and Citizenship to send malicious SMS messages with the ultimate goal of gathering sensitive information from residents and foreigners in the country...

New Campaign Targets Middle East Governments with IronWind Malware

Government entities in the Middle East are the target of new phishing campaigns that are designed to deliver a new initial access downloader dubbed IronWind. The activity, detected between July and October 2023, has been attributed by Proofpoint to a threat actor it tracks under the name TA402,...

Cybercriminals Using PowerShell to Steal NTLMv2 Hashes from Compromised Windows

A new cyber attack campaign is leveraging the PowerShell script associated with a legitimate red teaming tool to plunder NTLMv2 hashes from compromised Windows systems primarily located in Australia, Poland, and Belgium. The activity has been codenamed Steal-It by Zscaler ThreatLabz. "In this...

China-Linked Bronze Starlight Group Targeting Gambling Sector with Cobalt Strike Beacons

An ongoing cyber attack campaign originating from China is targeting the Southeast Asian gambling sector to deploy Cobalt Strike beacons on compromised systems. Cybersecurity firm SentinelOne said the tactics, techniques, and procedures point to the involvement of a threat actor tracked as Bronze...