2837 matches found
83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure
A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti Endpoint Manager Mobile EPMM can be traced back to a single IP address on bulletproof hosting infrastructure offered by PROSPERO. Threat intelligence firm GreyNoise said it recorded 417 exploitati...
openSUSE 16 Security Update : tailscale (openSUSE-SU-2026:20192-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20192-1 advisory. Changes in tailscale: - Update to version 1.94.0: IS SET and NOT SET have been added as device posture operators India DERP Region City Name...
Chrysalis, Notepad++, and Supply Chain Risk: What it Means, and What to Do Next
When Rapid7 published its analysis of the Chrysalis backdoor linked to a compromise of Notepad++ update infrastructure, it raised understandable questions from customers and security teams. The investigation showed that attackers did not exploit a flaw in the application itself. Instead, they...
Sanctioned Bulletproof Host Linked to Hijacking of Old Home Routers
Compromised home routers in 30+ countries had DNS traffic redirected, sending users to malicious sites while normal browsing appeared unaffected...
CVE-2025-6397
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Ankara Hosting Website Design Website Software allows Reflected XSS.This issue affects Website Software: through 03022026. NOTE: The vendor was contacted early about this disclosure but did...
CVE-2025-6397
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Ankara Hosting Website Design Website Software allows Reflected XSS. This issue affects Website Software: through 03022026. NOTE: The vendor was contacted early about this disclosure but did...
CVE-2025-6397 XSS in Ankara Hosting's web site
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Ankara Hosting Website Design Website Software allows Reflected XSS. This issue affects Website Software: through 03022026. NOTE: The vendor was contacted early about this disclosure but did...
CVE-2025-6397 XSS in Ankara Hosting's web site
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Ankara Hosting Website Design Website Software allows Reflected XSS. This issue affects Website Software: through 03022026. NOTE: The vendor was contacted early about this disclosure but did...
CVE-2025-6397
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Ankara Hosting Website Design Website Software allows Reflected XSS. This issue affects Website Software: through 03022026. NOTE: The vendor was contacted early about this disclosure but did...
CVE-2025-6397
The CVE-2025-6397 entry corresponds to an XSS in Ankara Hosting Website Design Website Software, specifically a Reflected XSS due to improper neutralization of input during web page generation. The PT-2026-5942 detail identifies the affected software as Ankara Hosting Website Design Website Softw...
EUVD-2025-206769
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Ankara Hosting Website Design Website Software allows Reflected XSS.This issue affects Website Software: through 03022026. NOTE: The vendor was contacted early about this disclosure but did...
Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group
A China-linked threat actor known as Lotus Blossom has been attributed with medium confidence to the recently discovered compromise of the infrastructure hosting Notepad++. The attack enabled the state-sponsored hacking group to deliver a previously undocumented backdoor codenamed Chrysalis to...
PT-2026-5942
Name of the Vulnerable Software and Affected Versions Ankara Hosting Website Design Website Software version 03022026 Description The software contains a Reflected Cross-site Scripting XSS issue due to improper neutralization of input during web page generation. This allows an attacker to inject...
Notepad++ Updates Delivered Malware After Hosting Provider Breach
A months-long breach allowed Chinese State-sponsored hackers to hijack Notepad++ updates in 2025, exposing users to malware via a compromised hosting provider...
Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users
The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility's update mechanism to redirect update traffic to malicious servers instead. "The attack involved an infrastructure-level compromise that allowed malicious actors to intercept and redirect update traffic...
EUVD-2026-5001
LocalSend is a free, open-source app that allows users to share files and messages with nearby devices over their local network without needing an internet connection. In versions up to and including 1.17.0, when a user initiates a "Share via Link" session, the LocalSend application starts a loca...
Ghost cross-site scripting vulnerabilities
Ghost is a hosting service developed by the Ghost open-source project. Versions of Ghost from 5.43.0 to 5.12.04, as well as 6.0.0 to 6.14.0, have a cross-site scripting vulnerability. This vulnerability arises because specially crafted links may execute JavaScript, potentially leading to account...
K000159681: Credential harvesting campaign targeting F5 VPN users
On January 13, 2026, researchers identified a large-scale credential harvesting campaign targeting several VPN providers, including F5. The threat actors behind the campaign registered numerous doppelgänger domains designed to mimic legitimate F5 domains. These domains are used to deceive victims...
YetiShare File Hosting Script security vulnerability
YetiShare File Hosting Script is a file hosting system provided by the British company YetiShare. Version 5.1.0 of YetiShare File Hosting Script contains a security vulnerability. This vulnerability stems from a server-side request forgeing issue in the remote file upload function, which may lead...
CVE-2026-23499
Saleor is an e-commerce platform. Starting in version 3.0.0 and prior to versions 3.20.108, 3.21.43, and 3.22.27, Saleor allowed authenticated staff users or Apps to upload arbitrary files, including malicious HTML and SVG files containing Javascript. Depending on the deployment strategy, these...