Lucene search
K

47 matches found

Packet Storm News
Packet Storm News
added 2026/04/02 12:0 a.m.2 views

Synthetic Trust Attacks: Modeling How Generative AI Manipulates Human Decisions in Social Engineering Fraud

Imagine receiving a video call from your CFO, surrounded by colleagues, asking you to urgently authorise a confidential transfer. You comply. Every person on that call was fake, and you just lost $25 million. This is not a hypothetical. It happened in Hong Kong in January 2024, and it is becoming...

5.9AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-21542

Malware in sbrugna...

7.8CVSS7.7AI score0.02103EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-7209

Malware in sbrugna...

7.8CVSS7.7AI score0.00883EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-7077

Malware in sbrugna...

5CVSS6.4AI score0.01537EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-1350

Malware in sbrugna...

6.3CVSS6.1AI score0.0035EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-51304

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00296EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:1 a.m.7 views

CVE-2013-5193

The App Store component in Apple iOS before 7.0.4 does not properly enforce an intended transaction-time password requirement, which allows local users to complete a 1 App purchase or 2 In-App purchase by leveraging previous entry of Apple ID credentials...

4.7CVSS6.3AI score0.00258EPSS
Exploits1References1
hivepro
hivepro
added 2025/05/02 11:0 a.m.3 views

From Inventory to Influence: How CAASM Shifts Security’s Leverage

Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Click right here to hear it all on CAASM & CDMB Inefficiencies! Most security teams already know...

7AI score
Exploits0
CVE
CVE
added 2025/04/23 4:47 p.m.76 views

CVE-2025-2761

CVE-2025-2761 — GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution . The vulnerability affects GIMP and stems from insufficient validation during FLI file parsing, causing a write past the end of an allocated buffer and enabling code execution in the victim process. Exploitation requ...

7.8CVSS7.5AI score0.01432EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/02/19 5:54 p.m.93 views

CVE-2025-1118

CVE-2025-1118 affects grub2 where the dump command is not blocked in lockdown/Secure Boot mode, allowing a local attacker to read arbitrary memory (signatures, salts, and other sensitive data). The issue is tied to grub2 memory access during lockdown and memory leakage from the dump/read path. Pu...

4.4CVSS5.5AI score0.00286EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiative
added 2024/06/12 12:0 a.m.13 views

Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS7.7AI score0.00322EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/22 2:14 a.m.34 views

CVE-2024-23124 Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted STP file, when parsed in ASMIMPORT228A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

7.8CVSS7.3AI score0.00554EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/12/27 4:48 a.m.4 views

Malicious code in mux-leverage-protocol (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b12623ebfedef36fcab6ff1f92426346cafe3c214979943b5a2be849cf35a9d3 The OpenSSF Package Analysis project identified 'mux-leverage-protocol' @ 1.999.0 npm as malicious. It is considered malicious because: - The...

6.9AI score
Exploits0
OSV
OSV
added 2023/12/27 4:48 a.m.8 views

MAL-2023-8747 Malicious code in mux-leverage-protocol (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b12623ebfedef36fcab6ff1f92426346cafe3c214979943b5a2be849cf35a9d3 The OpenSSF Package Analysis project identified 'mux-leverage-protocol' @ 1.999.0 npm as malicious. It is considered malicious because: - The...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/10/30 12:0 a.m.13 views

Taking deposits hostage

Lines of code Vulnerability details Impact An initial attacker can gain the power to hold subsequent deposits into StakedUSDeV2 hostage, and release them at will e.g. for a ransom. Proof of concept The checkMinShares requirement called after any withdrawal and deposit function checkMinShares...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/08/07 12:0 a.m.15 views

GeVault#poolMatchesOracle is extemely easy to manipulate due to how it calculates underlying token balances

Lines of code Vulnerability details Impact GeVaultpoolMatchesOracle uses the UniV3Pool.slot0 to determine the number of tokens it has in it's position. slot0 is the most recent data point and is therefore extremely easy to manipulate. Given that the protocol specializes in leverage, the effects o...

6.8AI score
Exploits0
NVD
NVD
added 2023/06/26 10:15 p.m.16 views

CVE-2023-35695

A remote attacker could leverage a vulnerability in Trend Micro Mobile Security Enterprise 9.8 SP5 to download a particular log file which may contain sensitive information regarding the product...

7.5CVSS7.5AI score0.01466EPSS
Exploits1References2
Malwarebytes
Malwarebytes
added 2023/06/21 3:0 a.m.15 views

Ransomware attackers email bemused students as leverage for a payout

The University of Manchester has fallen victim to a ransomware gang, who are currently applying an interesting twist to their attack. Blackmail and pressure are two ways to extract funds from potential victims. We see this in sextortion cases, as well as in social engineering. Here, the fraudster...

6.8AI score
Exploits0
OSV
OSV
added 2023/06/15 9:30 p.m.8 views

GHSA-66C9-XRWJ-9XV6 Magento Open Source affected by Improper Input Validation

Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An admin privileged attacker could leverage this vulnerability to impact the availability of a user's...

5.1CVSS3.3AI score0.00914EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2023/03/28 11:54 a.m.40 views

Breaking the Mold: Pen Testing Solutions That Challenge the Status Quo

Malicious actors are constantly adapting their tactics, techniques, and procedures TTPs to adapt to political, technological, and regulatory changes quickly. A few emerging threats that organizations of all sizes should be aware of include the following: Increased use of Artificial Intelligence a...

7.8AI score
Exploits0
Rows per page
Query Builder