44 matches found
On Moltbook
The MIT Technology Review has a good article on Moltbook, the supposed AI-only social network: Many people have pointed out that a lot of the viral comments were in fact posted by people posing as bots. But even the bot-written posts are ultimately the result of people pulling the strings, more...
PeckBirdy: A Versatile Script Framework for LOLBins Exploitation Used by China-aligned Threat Groups
PeckBirdy is a sophisticated JScript-based C&C framework used by China-aligned APT groups to exploit LOLBins across multiple environments, delivering advanced backdoors to target gambling industries and Asian government entities...
CVE-2023-4241
lol-html can cause panics on certain HTML inputs. Anyone processing arbitrary 3rd party HTML with the library is affected...
CVE-2025-49437
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in worstguy WP LOL Rotation league-of-legends-rotation allows Stored XSS.This issue affects WP LOL Rotation: from n/a through = 1.0...
WordPress plugin WP LOL Rotation 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...
PT-2025-33199 · WordPress · Worstguy Wp Lol Rotation
Name of the Vulnerable Software and Affected Versions: worstguy WP LOL Rotation versions n/a through 1.0 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, leading to a Stored Cross-Site Scripting XSS condition. Recommendations: At the moment,...
Malicious code in migrate-lol-account (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 88dbcb391cecbefa568dbffa3d4296d9fa09eddb14625e899283b70920acaea4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in lol-ninegacha (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 332626b1c4ee5d04b9cf7d47646efa1f37df2e108866df823ccf410a9026d869 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in lol-lux-shopping-mall (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7a990aae5e086e13c87464c79e52ba48732a675a67318f2a84bd502b2f3b2d1e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in lol-rp-raffle (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 00025362df4c28b05b43b7f7d4ef05b04b5ca52287e9d1df8b20426c4d68d0a1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in lol-project-2017 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 713140b3d10253eb856068004fa4bc07dfbc38a48b4f0a2a706fe7c242284553 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-2510 Malicious code in index-template-lol (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in lol-pizda (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 28119bf8a3685ec67b475cd2445c48a49a636815dc36234375b3535a7f209c7c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-1011 Malicious code in lol-huy (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 762379a17b4068ddffc2ae82540c61d7e765f81b580f0cddfb5b895b974f1e2a The OpenSSF Package Analysis project identified 'lol-huy' @ 11230000951.0.8 npm as malicious. It is considered malicious because: - The package...
Malicious code in lol-huy (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 762379a17b4068ddffc2ae82540c61d7e765f81b580f0cddfb5b895b974f1e2a The OpenSSF Package Analysis project identified 'lol-huy' @ 11230000951.0.8 npm as malicious. It is considered malicious because: - The package...
Trellix 2024 Threat Predictions
Trellix 2024 Threat Predictions By Trellix · October 30, 2023 Introduction This last year we have seen upheaval across the cybersecurity landscape. The need for effective, worldwide threat intelligence continues to grow as geopolitical and economic developments create an increasingly complicated...
CVE-2023-4241
lol-html can cause panics on certain HTML inputs. Anyone processing arbitrary 3rd party HTML with the library is affected...
CVE-2023-4241
lol-html can cause panics on certain HTML inputs. Anyone processing arbitrary 3rd party HTML with the library is affected...
Hardcoded credentials
lol-html can cause panics on certain HTML inputs. Anyone processing arbitrary 3rd party HTML with the library is affected...
CVE-2023-4241 lol-html panics on certain HTML inputs
lol-html can cause panics on certain HTML inputs. Anyone processing arbitrary 3rd party HTML with the library is affected...