26 matches found
EUVD-2006-6849
Malware in sbrugna...
1,000+ web shops infected by “Phish ‘n Ships” criminals who create fake product listings for in-demand products
Researchers at the Satori Threat Intelligence and Research team have published their findings about a group of cybercriminals that infect legitimate web shops to create and promote fake product listings. The threat, dubbed "Phish ‘n Ships" by the researchers, reportedly infected more than 1,000...
Android malware FakeCall intercepts your calls to the bank
An Android banking Trojan called FakeCall is capable of hijacking the phone calls you make to your bank. Instead of reaching your bank, your call will be redirected to the cybercriminals. The Trojan accomplishes this by installing itself as the default call handler on the infected device. The...
Security Bulletin: IBM TXSeries for Multiplatforms is vulnerable to attacks attempting to obtain sensitive information or determine valid usernames.
Summary: Webpages that are shipped as part of IBM TXSeries for Multiplatforms are vulnerable to attacks attempting to obtain sensitive information or determine valid usernames. Updates to IBM TXSeries for Multiplatforms have been released to address this vulnerability. Vulnerability Details...
CVE-2024-45799
Affected software: FluxCP web-based control panel for rAthena servers. Vulnerability: JavaScript injection via unsanitised content on vendors/buyers list pages and shop names. Root cause / how it works: Unsanitised data in the shop-related pages allows injecting arbitrary JavaScript code that is...
Rust-based Realst Infostealer Targeting Apple macOS Users' Cryptocurrency Wallets
A new malware family called Realst has become the latest to target Apple macOS systems, with a third of the samples already designed to infect macOS 14 Sonoma, the upcoming major release of the operating system. Written in the Rust programming language, the malware is distributed in the form of...
New All-in-One "EvilExtractor" Stealer for Windows Systems Surfaces on the Dark Web
A new "all-in-one" stealer malware named EvilExtractor (also spelled Evil Extractor) is being marketed for sale for other threat actors to steal data and files from Windows systems. "It includes several modules that all work via an FTP service," Fortinet FortiGuard Labs researcher Cara Lin said. "I...
Malicious code in tpmineedcv (PyPI)
Source: checkmarx 3049023593c5d4ce0e4461018eaf519a11d2c1ac10e73ecd0d8fc6e3707a2189 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
MAL-2023-3362 Malicious code in esqreinfore (PyPI)
Source: checkmarx 8293efe10f27df0acc54ec9cbc0787d44c76f14933703f142460727f57508b75 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in py-pushstudyrandom (PyPI)
Source: checkmarx cbbd6ba7bf33fcba9bb554c7ea47284eb4a056f9c2057c42539a93f88921b81e EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
MAL-2023-3005 Malicious code in esqinthacked (PyPI)
Source: checkmarx 09e1e0f78c901cdba11f476ef4e661aaf3432e2d53c8a3b0c055fd1b89a6deff EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
CVE-2022-39301
CVE-2022-39301 concerns sra-admin, a front/back-end separated rights management system. The issue affects version 1.1.1, where a storage cross-site scripting (XSS) vulnerability lies in the Profile Picture Upload under Personal Center. An attacker who logs in could upload an HTML page containing ...
Cross site scripting
A blind XSS vulnerability exists in Web-School ERP V 5.0 via Add Events in the event name and description fields. An attacker can inject JavaScript code that will be stored in the page. If any visitor sees the event, the payload will be executed and send the victim's information to the attack...
Security Bulletin: Potential vulnerability with IBM WebSphere Application Server
Summary: A potential vulnerability has been identified related to IBM WebSphere Application Server. Refer to details for additional information. Vulnerability Details: CVEID: CVE-2020-4329 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could...
CVE-2020-6440
CVE-2020-6440 concerns insecure extension handling in Chromium/Google Chrome prior to 81.0.4044.92, caused by an inappropriate implementation in extensions. An attacker could exploit this by convincing a user to install a malicious extension, potentially leading to disclosure of sensitive info...
Adobe Acrobat and Reader Out-of-bounds read (APSB19-07: CVE-2019-7047)
An out-of-bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
A week in security (June 4 – June 10)
Last week on Labs, we took a look at hidden mobile ads, the perils of social media spam, and how to shore up your landline defenses. We also took a deep dive into Emotet malware analysis, and gave you some summertime safety tips. Other news: Update your Adobe Flash player if you haven't already...
Design/Logic Flaw
Conarc iChannel allows remote attackers to obtain sensitive information, modify the configuration, or cause a denial of service by deleting the configuration via a wc.dll?wwMaintEditConfig request which reaches an older version of a West Wind Web Connection HTTP service...
Apple Mac OS X Multiple Vulnerabilities (HT207922)
Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Certly: Non secure requests at guard.certly.io not upgrading to https
The issue is that HTTP requests are not upgraded to HTTPS at the aforementioned domain. This can allow an attacker to steal important info like credentials and all other types of info. Your domain is HSTS preloaded, so it is automatically upgraded to HTTPS, but the browsers that don't have this mentioned support...