TLS Certificate and Domain Feature Analysis of Phishing Domains in the Danish .Dk Namespace

Phishing attacks remain a persistent cybersecurity threat, and the widespread adoption of TLS certificates has unintentionally enabled malicious websites to appear trustworthy to users. This study examines whether certificate metadata and domain characteristics can help distinguish phishing domai...

Behind the Curtain: How Shared Hosting Providers Respond to Vulnerability Notifications

Large-scale vulnerability notifications VNs can help hosting provider organizations HPOs identify and remediate security vulnerabilities that attackers can exploit in data breaches or phishing campaigns. Previous VN studies have primarily focused on factors under the control of reporters, such as...

CISA: Bulletproof Defense: Mitigating Risks from Bulletproof Hosting Providers

CISA, in collaboration with the U.S. National Security Agency, U.S. Department of Defense Cyber Crime Center, U.S. Federal Bureau of Investigation, and international partners, have released the guide Bulletproof Defense: Mitigating Risks from Bulletproof Hosting Providers to help internet service...

EUVD-2025-4089

Malicious code in bioql PyPI...

EUVD-2025-0013

Malicious code in bioql PyPI...

CVE-2025-25203 Ctrlpanel has stored XSS vulnerability in TicketsController priority field

CtrlPanel is open-source billing software for hosting providers. Prior to version 1.0, a Cross-Site Scripting XSS vulnerability exists in the TicketsController and Moderation/TicketsController due to insufficient input validation on the priority field during ticket creation and unsafe rendering o...

GHSA-7M27-7GHC-44W9 Next.js Allows a Denial of Service (DoS) with Server Actions

Impact A Denial of Service DoS attack allows attackers to construct requests that leaves requests to Server Actions hanging until the hosting provider cancels the function execution. Note: Next.js server is idle during that time and only keeps the connection open. CPU and memory footprint are low...

Next.js Allows a Denial of Service (DoS) with Server Actions

Impact A Denial of Service DoS attack allows attackers to construct requests that leaves requests to Server Actions hanging until the hosting provider cancels the function execution. Note: Next.js server is idle during that time and only keeps the connection open. CPU and memory footprint are low...

CVE-2024-56332 Next.js Vulnerable to Denial of Service (DoS) with Server Actions

Next.js is a React framework for building full-stack web applications. Starting in version 13.0.0 and prior to versions 13.5.8, 14.2.21, and 15.1.2, Next.js is vulnerable to a Denial of Service DoS attack that allows attackers to construct requests that leaves requests to Server Actions hanging...

CVE-2024-56332 Next.js Vulnerable to Denial of Service (DoS) with Server Actions

Next.js is a React framework for building full-stack web applications. Starting in version 13.0.0 and prior to versions 13.5.8, 14.2.21, and 15.1.2, Next.js is vulnerable to a Denial of Service DoS attack that allows attackers to construct requests that leaves requests to Server Actions hanging...

WordPress Database Scanning For Malware Released in Wordfence CLI 5.0.1

Today we’re excited to announce the recent release of Wordfence CLI version 5.0.1 which includes a much requested feature from security analysts, hosting providers and ops teams: Database scanning for WordPress. Now you can scan any WordPress database you have access to for malware and...

Wordfence Intelligence Weekly WordPress Vulnerability Report (August 26, 2024 to September 1, 2024)

Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Through October 7th, 2024, XSS vulnerabilities in all plugins and themes with =1,000 Active Installs are in scope for all researchers. In addition, through October 14th, 2024, researchers c...

Next.js Server-Side Request Forgery in Server Actions

Impact A Server-Side Request Forgery SSRF vulnerability was identified in Next.js Server Actions by security researchers at Assetnote. If the Host header is modified, and the below conditions are also met, an attacker may be able to make requests that appear to be originating from the Next.js...

BIT-MYSQL-CLIENT-2022-0778 Infinite loop in BN_mod_sqrt() reachable when parsing certificates

The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a...

Wordfence Intelligence Weekly WordPress Vulnerability Report (October 30, 2023 to November 5, 2023)

Wordfence just launched its bug bounty program. Over the next 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Last week, there were 79 vulnerabilities disclosed in 64 WordPress Plugins and no WordPress themes that have been added to the Wordfence...

WoofLocker Toolkit Hides Malicious Codes in Images to Run Tech Support Scams

Cybersecurity researchers have detailed an updated version of an advanced fingerprinting and redirection toolkit called WoofLocker that's engineered to conduct tech support scams. The sophisticated traffic redirection scheme was first documented by Malwarebytes in January 2020, leveraging...

Massive HTTP DDoS Attack Hits Record High of 71 Million Requests/Second

Web infrastructure company Cloudflare on Monday disclosed that it thwarted a record-breaking distributed denial-of-service DDoS attack that peaked at over 71 million requests per second RPS. "The majority of attacks peaked in the ballpark of 50-70 million requests per second RPS with the largest...

NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2022-0076)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected by multiple vulnerabilities: - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field...

Wordfence Intelligence Launches New Malware Hash Feed!

Today, the Wordfence team is launching a Malware Hash Feed as part of our Wordfence Intelligence API. This gives our Enterprise users another way to rapidly and definitively identify malware targeting web applications. As the world’s foremost WordPress security provider, Wordfence has an expertly...

Wordfence Launches Wordfence Intelligence for Hosts and Network Defenders

This morning the Wordfence team is launching Wordfence Intelligence live at Black Hat 2022 in Las Vegas. Our entire team is here in Las Vegas, including our international team members. Id like to tell you more about what were launching and how Wordfence Intelligence will help us go even further t...