Scammers Send Physical Phishing Letters to Steal Ledger Wallet Seed Phrases

Scammers are mailing fake Ledger phishing letters to users in Italy with QR codes that trick crypto wallet users into revealing seed phrases...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: regulatory: improve invalid hints checking Syzbot continues to report a issue 1 that occurs when erroneous symbols sent from userspace get through into useralpha2 via the regulatoryhintuser call. Such invalid...

@ckeditor/ckeditor-cloud-services-collaboration (>=23.0.0 <=29.0.0), @ckeditor/ckeditor5-real-time-collaboration (>=29.1.0 <=33.0.0) +2 more potentially affected by CVE-2026-33151 via socket.io-parser (=3.4.1)

socket.io-parser NPM version =3.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on socket.io-parser and may be impacted: - @ckeditor/ckeditor-cloud-services-collaboration =23.0.0, =29.1.0, =29.0.0, =1.5.3, =2.1.0 Source cves: CVE-2026-33151 Source...

SUSE CVE-2025-21910

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: regulatory: improve invalid hints checking Syzbot keeps reporting an issue 1 that occurs when erroneous symbols sent from userspace get through into useralpha2 via regulatoryhintuser call. Such invalid regulatory...

MAL-2026-611 Malicious code in mbo-letters-cl (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d367723532d1a3f90f88a1d23230230dafb47b5f26a68af29aafda36084f5417 The package mbo-letters-cl was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in mbo-letters-cl (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d367723532d1a3f90f88a1d23230230dafb47b5f26a68af29aafda36084f5417 The package mbo-letters-cl was found to contain malicious code. Source: ossf-package-analysis...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992676)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992676 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: regulatory: improve invalid hints checking Syzbot keeps reporting an issue 1 that...

PT-2025-51252

An SSTI Server-Side Template Injection vulnerability exists in the get dunning letter text method of Frappe ERPNext through 15.89.0. The function renders attacker-controlled Jinja2 templates body text using frappe.render template with a user-supplied context doc. Although Frappe uses a custom...

EUVD-2001-0038

Malware in sbrugna...

EUVD-2007-1574

Malware in sbrugna...

EUVD-2022-3886

Malicious code in bioql PyPI...

EUVD-2021-33055

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-21910

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: cfg80211: regulatory: improve invalid hints checking Syzbot keeps reporting an issue 1 that occurs when erroneous symbols sent from userspace get through...

CVE-2021-42740

The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec, an...

UBUNTU-CVE-2025-4035

A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set...

DEBIAN-CVE-2025-21910

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: regulatory: improve invalid hints checking Syzbot keeps reporting an issue 1 that occurs when erroneous symbols sent from userspace get through into useralpha2 via regulatoryhintuser call. Such invalid regulatory...

UBUNTU-CVE-2025-21910

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: regulatory: improve invalid hints checking Syzbot keeps reporting an issue 1 that occurs when erroneous symbols sent from userspace get through into useralpha2 via regulatoryhintuser call. Such invalid regulatory...

Fake BianLian Ransomware Letters in Circulation

At a glance: The FBI is warning of a mail-based fraud involving letters sent to businesses in the U.S. These letters resemble online ransomware notes demanding payment via Bitcoin. Rapid7 examined a mail-based ransom demand sent to a customer from a local postcode. There is no evidence that any o...

Fake BianLian Ransomware Letters in Circulation

At a glance: The FBI is warning of a mail-based fraud involving letters sent to businesses in the U.S. These letters resemble online ransomware notes demanding payment via Bitcoin. Rapid7 examined a mail-based ransom demand sent to a customer from a local postcode. There is no evidence that any o...

FBI Warns of Data Extortion Scam Targeting Corporate Executives

The Federal Bureau of Investigation FBI Internet Crime Complaint Center IC3 has released an alert warning of a scam involving criminal actors masquerading as the “BianLian Group.” The cyber criminals target corporate executives by sending extortion letters threatening to release victims’ sensitiv...