Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks

The U.S. Department of Justice DoJ on Thursday announced the sentencing of two cybersecurity professionals to four years each in prison for their role in facilitating BlackCat ransomware attacks in 2023. Ryan Goldberg , 40, of Georgia, and Kevin Martin , 36, of Texas, were accused of deploying th...

Uncaught Exception

Overview Affected versions of this package are vulnerable to Uncaught Exception in the preview component when processing input with an extra command line argument such as -pp. An attacker can cause the application to crash by providing crafted input that triggers an integer overflow, leading to t...

LinkAce 安全漏洞

LinkAce is a self-hosted repository developed by Kevin Woblick, designed to collect links to your favorite websites. Versions of LinkAce 2.4.2 and earlier contained a security vulnerability; this vulnerability stemmed from a storage-type cross-site scripting vulnerability in the list’s Atom...

Kevin Lancaster Joins the usecure Board to Accelerate North American Channel Growth

Claymont, Delaware, 1st December 2025, CyberNewsWire...

Drupal core 8.0.0-10.4.8,10.5.0-10.5.5,11.0.0-11.1.8,11.2.0-11.2.7 - Unauthenticated Defacement vulnerability

Unauthenticated Defacement vulnerability discovered by Kevin Quillen kevinquillen in WordPress Core Drupal versions 8.0.0-10.4.8,10.5.0-10.5.5,11.0.0-11.1.8,11.2.0-11.2.7...

U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks

Federal prosecutors in the U.S. have accused a trio of allegedly hacking the networks of five U.S. companies with BlackCat aka ALPHV ransomware between May and November 2023 and extorting them. Ryan Clifford Goldberg, Kevin Tyler Martin, and an unnamed co–conspirator aka "Co-Conspirator 1" based ...

EUVD-2006-5126

Malware in sbrugna...

EUVD-2019-3157

Malware in sbrugna...

EUVD-2024-52045

Malicious code in bioql PyPI...

CVE-2025-48313

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kevin heath Tripadvisor Shortcode tripadvisor-shortcode allows Stored XSS.This issue affects Tripadvisor Shortcode: from n/a through = 2.2...

PT-2025-35002

Name of the Vulnerable Software and Affected Versions: Tripadvisor Shortcode versions through 2.2 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-site Scripting XSS. Recommendations: Update Tripadvisor Shortcod...

CVE-2025-48303

Cross-Site Request Forgery CSRF vulnerability in Kevin Langley Jr. Post Type Converter post-type-converter allows Cross Site Request Forgery.This issue affects Post Type Converter: from n/a through = 0.6...

CVE-2025-48303 WordPress Post Type Converter plugin <= 0.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Kevin Langley Jr. Post Type Converter post-type-converter allows Cross Site Request Forgery.This issue affects Post Type Converter: from n/a through = 0.6...

CVE-2025-48303

CVE-2025-48303 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Post Type Converter (versions up to 0.6). The entry lists a CVSS v3.1 base score of 4.3 (Medium) with vectors: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N. Connected sources corroborate the CSRF flaw and no...

PT-2025-34603 · WordPress · Convert Post Types

Name of the Vulnerable Software and Affected Versions: Post Type Converter versions through 0.6 Description: The software contains a Cross-Site Request Forgery CSRF flaw. This allows attackers to perform actions on behalf of an authenticated user without their knowledge. Recommendations: At the...

USN-7620-1 File::Find::Rule vulnerability

Kevin Ryde discovered that File::Find::Rule incorrectly handled certain file names. An attacker could possibly use this issue to execute arbitrary code...

CVE-2024-53712

Cross-Site Request Forgery CSRF vulnerability in kevmimcc Kevin's kevins-plugin allows Stored XSS.This issue affects Kevin's: from n/a through = 2.0.0...

WordPress plugin Kevin 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...

PT-2024-35819 · Unknown · Kevin'S Versions

Name of the Vulnerable Software and Affected Versions: Kevin's versions n/a through 2.0.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can execute malicious scripts on a user's browser, potentially leading to unauthorized...

Shared 安全漏洞

Shared is a library by Kevin Jones, a personal developer. Shared has a security vulnerability that stems from the entry function lib.deepCopy being vulnerable to prototype contamination...