CLSA-2026-1772644488 Update of ca-certificates

update to CKBI 2.82 from NSS 3.121 - updated certificates: - Certificate "GlobalSign Root CA" - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Comodo AAA Services root" - Certificate "XRamp Global CA Root" - Certificate "Go Daddy Class 2 CA" - Certificate "Starfield Class...

CLSA-2026-1772644297 Update of ca-certificates

update to CKBI 2.82 from NSS 3.120 - updated certificates: - Certificate "GlobalSign Root CA" - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Comodo AAA Services root" - Certificate "XRamp Global CA Root" - Certificate "Go Daddy Class 2 CA" - Certificate "Starfield Class...

CVE-2025-34336

Affected software: eGovFramework/egovframe-common-components

Malicious code in trevora-kisa-cir7 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65d5403e170f5be9739617987a7ff606173eef8d9faab194a2a6165662b9e27f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-147495

Malicious code in trevora-kisa-cir7 npm...

Kimsuky APT continues to target South Korean government using AppleSeed backdoor

This blog post was authored by Hossein Jazi. The Kimsuky APT—also known as Thallium, Black Banshee, and Velvet Chollima—is a North Korean threat actor that has been active since 2012. The group conducts cyber espionage operations to target government entities mainly in South Korea. On December...

Attacks Leveraging Adobe Zero-Day (CVE-2018-4878) – Threat Attribution, Attack Scenario and Recommendations

On Jan. 31, KISA KrCERT published an advisory about an Adobe Flash zero-day vulnerability CVE-2018-4878 being exploited in the wild. On Feb. 1, Adobe issued an advisory confirming the vulnerability exists in Adobe Flash Player 28.0.0.137 and earlier versions, and that successful exploitation coul...

[Full-disclosure] KSign KSignSWAT ActiveX Control Multiple Buffer Overflows Vulnerability

Title : KSign KSignSWAT ActiveX Control Multiple Buffer Overflows Vulnerability Version : AxKSignSWAT.dll KSignSWAT ActiveX Control ver. 2.0.3.3 Discoverer : KIM, KEE HONG [email protected] Critical : High Critical Test system : Windows XP SP2 Korean All patched : Windows XP SP2 English All...

Touch arbitrary file execute vulnerability

Title: Touch arbitrary file execute vulnerability Version: Touch Control 2, 0, 0, 55 Discoverer: PARK, GYU TAE [email protected] Advisory No.: NRVA06-04 Critical: Critical Impact: Gain remote user's privilege Where: From remote Operating System: Windows Only Solution: Patched Notice: 16. 06...