PT-2026-36951

Name of the Vulnerable Software and Affected Versions Subscribe To Comments Reloaded versions prior to 240120 Description The Subscribe To Comments Reloaded plugin for WordPress allows unauthenticated attackers to modify data without authorization. This is caused by a leaked secret key and the us...

CSPro Users CSWeb 安全漏洞

CSPro Users CSWeb is a web application developed by CSPro Users Inc. It allows users to securely transfer cases or files between client devices and web servers. Version 8.0.1 of CSPro Users CSWeb contains a security vulnerability. This vulnerability stems from the ability to access app/config via...

CVE-2025-27093

Sliver is a command and control framework that uses a custom Wireguard netstack. In versions 1.5.43 and earlier, and in development version 1.6.0-dev, the netstack does not limit traffic between Wireguard clients. This allows clients to communicate with each other unrestrictedly, potentially...

Code injection

Tauri is a framework for building binaries for all major desktop platforms. This advisory is not describing a vulnerability in the Tauri code base itself but a commonly used misconfiguration which could lead to leaking of the private key and updater key password into bundled Tauri applications...

Encryption 101: How to break encryption

Continuing on in our Encryption 101 series, where we gave a malware analyst's primer on encryption and demonstrated encryption techniques using ShiOne ransomware, we now look at what it takes to break an encryption. In order for something as powerful as encryption to break, there needs to be some...

Petya Sabotages Rival Ransomware Chimera, Leaks 3,500 Decryption Keys

There is no honor among thieves, as the saying goes, and that includes ransomware crooks. In an apparent move to sabotage a ransomware competitor, the authors of the Mischa and Petya ransomware-as-a-service leaked 3,500 decryption keys for its competitor Chimera ransomware. The move appears to be...