EUVD-2025-120028

Malicious code in buzz-invasion npm...

MAL-2025-140261 Malicious code in buzz-invasion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61a7617eda9ffa84bbc251331724293f7dffc8f255e37b2f026a2ce00f4fb5f9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Smartphone User Fingerprinting on Wireless Traffic

Due to the openness of the wireless medium, smartphone users are susceptible to user privacy attacks, where user privacy information is inferred from encrypted Wi-Fi wireless traffic. Existing attacks are limited to recognizing mobile apps and their actions and cannot infer the smartphone user...

Chatbots Are Pushing Sanctioned Russian Propaganda

ChatGPT, Gemini, DeepSeek, and Grok are serving users propaganda from Russian-backed media when asked about the invasion of Ukraine, new research finds...

EUVD-2009-5118

Malware in sbrugna...

Here’s What to Know About Poland Shooting Down Russian Drones

On Wednesday morning, Poland shot down several Russian drones that entered its airspace—a first since Moscow’s invasion of Ukraine. The incident disrupted air travel and set the region on edge...

CVE-2009-10006

UFO: Alien Invasion versions up to and including 2.2.1 contain a buffer overflow vulnerability in its built-in IRC client component. When the client connects to an IRC server and receives a crafted numeric reply specifically a 001 message, the application fails to properly validate the length of...

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow in the IRC client process when handling crafted numeric replies from an IRC server. An attacker can execute arbitrary code by sending a specially crafted 001 message during the automatic IRC connection proces...

CVE-2009-10006

UFO: Alien Invasion versions up to and including 2.2.1 contain a buffer overflow vulnerability in its built-in IRC client component. When the client connects to an IRC server and receives a crafted numeric reply specifically a 001 message, the application fails to properly validate the length of...

CVE-2009-10006 UFO: Alien Invasion <= 2.2.1 IRC Client Buffer Overflow

UFO: Alien Invasion versions up to and including 2.2.1 contain a buffer overflow vulnerability in its built-in IRC client component. When the client connects to an IRC server and receives a crafted numeric reply specifically a 001 message, the application fails to properly validate the length of...

CVE-2009-10006

UFO: Alien Invasion (versions up to and including 2.2.1) contains a stack-based buffer overflow in the built-in IRC client component. When the client processes a crafted IRC 001 numeric reply during automatic IRC connection handling, the string length validation can overflow the stack, potentiall...

UFO: Alien Invasion 安全漏洞

UFO: Alien Invasion is a game by UFO: Alien Invasion. A security vulnerability exists in UFO: Alien Invasion 2.2.1 and earlier versions, which stems from a buffer overflow in the built-in IRC client component that could lead to the execution of arbitrary code...

PT-2025-34366 · Unknown · Ufo: Alien Invasion

Name of the Vulnerable Software and Affected Versions: UFO: Alien Invasion versions up to and including 2.2.1 Description: UFO: Alien Invasion versions up to and including 2.2.1 contain a buffer overflow in its built-in IRC client component. When the client connects to an IRC server and receives ...

Proxy Services Feast on Ukraine’s IP Address Exodus

Image: Mark Rademaker, via Shutterstock. Ukraine has seen nearly one-fifth of its Internet space come under Russian control or sold to Internet address brokers since February 2022, a new study finds. The analysis indicates large chunks of Ukrainian Internet address space are now in the hands of...

Location Tracking App for Foreigners in Moscow

Russia is proposing a rule that all foreigners in Moscow install a tracking app on their phones. Using a mobile application that all foreigners will have to install on their smartphones, the Russian state will receive the following information: Residence location Fingerprint Face photograph...

North Korean Konni APT Targets Ukraine with Malware to track Russian Invasion Progress

The North Korea-linked threat actor known as Konni APT has been attributed to a phishing campaign targeting government entities in Ukraine, indicating the threat actor's targeting beyond Russia. Enterprise security firm Proofpoint said the end goal of the campaign is to collect intelligence on th...

Man accused of using keylogger to spy on colleagues, log in to their personal accounts and watch them at home

When you next type something sensitive on your computer keyboard, be sure that no-one else is watching. A recent case of alleged cyber-voyeurism shows how important it is to secure your computer against unwanted eavesdroppers using malwareware. In a class action lawsuit, six women have accused...

Gamaredon campaign abuses LNK files to distribute Remcos backdoor

Cisco Talos is actively tracking an ongoing campaign targeting users in Ukraine with malicious LNK files, which run a PowerShell downloader, since at least November 2024. The file names use Russian words related to the movement of troops in Ukraine as a lure. The PowerShell downloader contacts...

Tesla’s Cybertruck Goes, Inevitably, to War

A handful of Tesla’s electric pickup trucks are armed and ready for battle in the hands of Chechen forces fighting in Ukraine as part of Russia’s ongoing invasion. Can the EV take the heat?...

Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers

Details have emerged about a now-patched security flaw impacting Apple's Vision Pro mixed reality headset that, if successfully exploited, could allow malicious attackers to infer data entered on the device's virtual keyboard. The attack, dubbed GAZEploit, has been assigned the CVE identifier...