Lucene search
K

66 matches found

The Hacker News
The Hacker News
added 2024/03/18 12:35 p.m.40 views

Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites

Cybersecurity researchers have discovered a new malware campaign that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware called AZORult in order to facilitate information theft. "It uses an unorthodox HTML smuggling technique where the malicious payload is...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2024/03/08 12:0 a.m.12 views

Fedora: Security Advisory for icecat (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.02578EPSS
Exploits3References2
Positive Technologies
Positive Technologies
added 2023/11/02 12:0 a.m.4 views

PT-2023-22108 · Google · Google Docs

Name of the Vulnerable Software and Affected Versions: Google Docs versions prior to the fixed version Description: The issue allows documents operations to be manipulated to contain invalid data types, possibly script code. This could lead to script code injection into an operation that would be...

5.4CVSS5.7AI score0.00383EPSS
Exploits0References7
Hacker One
Hacker One
added 2023/09/25 7:8 p.m.34 views

HackerOne: Google Docs link in JS files allows editing & reading survey information

A Google Docs link was discovered in JavaScript files on a website allowing editing and reading of survey information. The link provided access to edit a survey and view some users' emails and responses...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/08/28 9:0 p.m.16 views

Google strengthens its Workplace suite protection

Google has announced the strengthening of safeguard measures for its Workspace customers. You may well be using Workspace without realising it. If youre using a Google product such as Gmail, Calendar, Drive, or Google Docs Editors Suite among other apps, then congratulations: you are fully inside...

7AI score
Exploits0
HackRead
HackRead
added 2023/07/22 3:34 p.m.27 views

Phishers Exploiting Google Docs to Harvest Crypto Credentials

By Deeba Ahmed The phishing campaign has been dubbed BEC 3.0 by researchers. This is a post from HackRead.com Read the original post: Phishers Exploiting Google Docs to Harvest Crypto Credentials...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2022/01/06 2:0 p.m.26 views

Attackers Exploit Flaw in Google Docs’ Comments Feature

Attackers are using the “Comments” feature of Google Docs to send malicious links in a phishing campaign targeted primarily at Outlook users, researchers have discovered. Researchers from email collaboration and security firm Avanan, a CheckPoint company, first observed “a new, massive wave of...

7.3AI score
Exploits0References6
Wired Threat Level
Wired Threat Level
added 2021/08/20 7:35 p.m.28 views

Google Docs Scams Still Pose a Threat

A 2017 worm caused havoc across the internet. One researcher is warning that despite new protections put in place, it could still happen again...

0.2AI score
Exploits0
HackRead
HackRead
added 2021/06/19 9:8 p.m.49 views

Threat actors using Google Docs exploit to spread phishing links

By Habiba Rashid Cybercriminals have started employing a new phishing attack that abuses the popularity of Google Drive and Docs to bypass security filters. This is a post from HackRead.com Read the original post: Threat actors using Google Docs exploit to spread phishing links...

1.6AI score
Exploits0
ThreatPost
ThreatPost
added 2021/06/17 1:0 p.m.204 views

Threat Actors Use Google Docs to Host Phishing Attacks

Threat actors are exploiting Google Docs by hosting their attacks within the web-based document service in a new phishing campaign that delivers malicious links aimed at stealing victims’ credentials. Researchers at email and collaboration security firm Avanan discovered the campaign, which is th...

7.2AI score
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/04/30 12:0 a.m.73 views

SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2021:1430-1)

This update for webkit2gtk3 fixes the following issues : Update to version 2.32.0 bsc1184155 : - Fix the authentication request port when URL omits the port. - Fix iframe scrolling when main frame is scrolled in async - scrolling mode. - Stop using gmemdup. - Show a warning message when overridin...

9.8CVSS7.4AI score0.14542EPSS
Exploits0References24
The Hacker News
The Hacker News
added 2020/12/29 11:21 a.m.5 views

A Google Docs Bug Could Have Allowed Hackers See Your Private Documents

Google has patched a bug in its feedback tool incorporated across its services that could be exploited by an attacker to potentially steal screenshots of sensitive Google Docs documents simply by embedding them in a malicious website. The flaw was discovered on July 9 by security researcher Sreer...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/29 11:21 a.m.134 views

A Google Docs Bug Could Have Allowed Hackers See Your Private Documents

Google has patched a bug in its feedback tool incorporated across its services that could be exploited by an attacker to potentially steal screenshots of sensitive Google Docs documents simply by embedding them in a malicious website. The flaw was discovered on July 9 by security researcher Sreer...

6.6AI score
Exploits0
HackRead
HackRead
added 2020/12/14 6:59 p.m.34 views

MoleRats using Facebook, Dropbox, Google Docs to spread malware

By Deeba Ahmed Cybereason researchers have identified an ongoing espionage campaign using three yet unidentified malware variants. This is a post from HackRead.com Read the original post: MoleRats using Facebook, Dropbox, Google Docs to spread malware...

3.6AI score
Exploits0
ThreatPost
ThreatPost
added 2020/11/20 8:56 p.m.54 views

Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns

A spike in recent phishing and business email compromise BEC attacks can be traced back to criminals learning how to exploit Google Services, according to research from Armorblox. Social distancing has driven entire businesses into the arms of the Google ecosystem looking for a reliable, simple w...

7.3AI score
Exploits0References6
FireEye
FireEye
added 2020/10/28 12:0 a.m.258 views

Unhappy Hour Special: KEGTAP and SINGLEMALT With a Ransomware Chaser

Throughout 2020, ransomware activity has become increasingly prolific, relying on an ecosystem of distinct but co-enabling operations to gain access to targets of interest before conducting extortion. Mandiant Threat Intelligence has tracked several loader and backdoor campaigns that lead to the...

9.3CVSS1.6AI score0.99512EPSS
Exploits75References9
OSV
OSV
added 2019/01/31 9:29 a.m.3 views

CVE-2019-7250

An issue was discovered in the Cross Reference Add-on 36 for Google Docs. Stored XSS in the preview boxes in the configuration panel may allow a malicious user to use both label text and references text to inject arbitrary JavaScript code via SCRIPT elements, event handlers, etc.. Since this code...

6.1CVSS5.9AI score0.00826EPSS
Exploits1References1
Prion
Prion
added 2019/01/31 9:29 a.m.18 views

Cross site scripting

An issue was discovered in the Cross Reference Add-on 36 for Google Docs. Stored XSS in the preview boxes in the configuration panel may allow a malicious user to use both label text and references text to inject arbitrary JavaScript code via SCRIPT elements, event handlers, etc.. Since this code...

4.3CVSS5.8AI score0.00826EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2019/01/31 9:29 a.m.16 views

CVE-2019-7250

An issue was discovered in the Cross Reference Add-on 36 for Google Docs. Stored XSS in the preview boxes in the configuration panel may allow a malicious user to use both label text and references text to inject arbitrary JavaScript code via SCRIPT elements, event handlers, etc.. Since this code...

6.1CVSS5.9AI score0.00826EPSS
Exploits1References1
CVE
CVE
added 2019/01/31 8:0 a.m.38 views

CVE-2019-7250

The CVE-2019-7250 issue affects the Cross Reference Add-on 36 for Google Docs. The vulnerability is a Stored XSS flaw in the plugin’s configuration panel preview boxes, where crafted label and references text can inject JavaScript code (via SCRIPT elements, event handlers, etc.). The stored paylo...

6.1CVSS5.8AI score0.00826EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder