Lucene search
K

4 matches found

OSV
OSV
added 2022/07/06 6:0 p.m.25 views

CVE-2022-31127 Improper handling of email input in next-auth

NextAuth.js is a complete open source authentication solution for Next.js applications. An attacker can pass a compromised input to the e-mail signin endpoint that contains some malicious HTML, tricking the e-mail server to send it to the user, so they can perform a phishing attack. Eg.:...

7.1CVSS6.5AI score0.01051EPSS
Exploits1References7
Malwarebytes
Malwarebytes
added 2022/03/16 11:0 a.m.16 views

Fake Royal Mail chatbot offers up…a new iPhone?

Royal Mail scams are always popular techniques for people up to no good. We’ve covered them several times over the last year or so. A quick reminder: Your parcel is waiting for delivery This is the go-to tactic for fake Royal Mail phishing attacks. You receive a text claiming there’s a parcel in...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/06/22 2:36 p.m.44 views

Hotel staff bust Hermes SMS scammer with suspiciously large number of cables

If you’re in the UK, you’ve likely received a fake delivery SMS at this point. The original big driver for this over the pandemic was a non-stop wave of Royal Mail phishing scams. As that article mentions, most if not all of our interactions with organisations is done by mobile. I receive medical...

6.9AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2015/05/26 12:0 a.m.1 views

Suspicious Link Redirection Mail Phishing Attempt

Several mail phishing campaigns use embedded redirection links to lure the victim user to download malicious files...

1.9AI score
Exploits0
Rows per page
Query Builder