826 matches found
Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner
An ongoing phishing campaign is targeting French-speaking corporate environments with fake resumes that lead to the deployment of cryptocurrency miners and information stealers. "The campaign uses highly obfuscated VBScript files disguised as resume/CV documents, delivered through phishing emails...
EUVD-2014-5691
Malware in sbrugna...
EUVD-2016-1715
Malware in sbrugna...
CVE-2016-10716
The Mail.ru Calendar plugin before 2.5.0.61 for Atlassian Jira has XSS via the Name field in a Create Calender action, related to a MailRuCalendar.jspaperiod/month URI...
Socid-Extractor - Extract Accounts Info From Personal Pages On Various Sites For OSINT Purpose
Extract information about a user from profile webpages / API responses and save it in machine-readable format. Usage As a command-line tool: $ socidextractor --url https://www.deviantart.com/muse1908 country: France createdat: 2005-06-16 18:17:41 gender: female username: Muse1908 website:...
USN-5321-2 firefox vulnerabilities
USN-5321-1 fixed vulnerabilities in Firefox. The update didn't include arm64 because of a regression. This update provides the corresponding update for arm64. This update also removes Yandex and Mail.ru as optional search providers in the drop-down search menu. Original advisory details: Multiple...
Mail.ru: blog/wp-json/wp/v2/users FILE is enabled; it will be used for a brute-force attack on the admin panel at blog/wp-login.php
Hello team, The file v2/users at https://happynumbers.com/blog/wp-json/wp/v2/users/ is enabled and this gives the attacker many user names like admin adam Alexa Alina Danny David Fedor Olga to use at https://happynumbers.com/blog/wp-login.php in a BRUTE FORCE attack because no protection again...
Mail.ru: stand.pw.mail.ru xss
http://stand.pw.mail.ru:9100/news.php?archive=news&type=last"alert1&page=1 payload is:"alert1 Impact Can steal Cookie, Can run javascript code, and get information sensitive...
Mail.ru: Delivery Club Courier app (v. 3.9.25.0); Disclosure of client's phone number.
Hello. I found a bug in the courier app that makes it possible to obtain the client's real phone number. Usually, when a courier needs to call the client to clarify something, the courier taps "Call the client", and the call is then placed not to the client's number but through Delive...
Mail.ru: reflected xss in e.mail.ru
Login and go to https://e.mail.ru/addressbook/letter/S?afterReload=1&MailboxStatusAutoCall=alert1 Impact Stealing users' information...
Career Navigator talk for IT Hub College
Last week I gave a "Career Navigator" talk for the students of the IT Hub College in Moscow. By the way, this college has a very interesting practical information security program. If it is relevant for you, check it out. I've never talked so much about myself in public. It was like giving advice...
Mail.ru: SSRF + RCE via fastCGI in POST /api/nr/video
Domain, site, application -- app.nativeroll.tv Steps to reproduce -- 1. As usual, an access token from a publisher account is needed; one can be registered here https://seedr.ru/register-user/publisher 2. Log in as a publisher https://seedr.ru/login/publisher 3. Intercept some requests and get the token. 4...
Mail.ru: Subdomain Takeover
Hi team, Actually team this bug is similar to my previous bug which I submitted-██████ Issue details:- Subdomain takeover vulnerabilities occur when a subdomain subdomain.example.com is pointing to a service e.g. GitHub pages, Heroku, etc. that has been removed or deleted. This allows an attacker...
Mail.ru: RCE in .api/nr/report/{id}/download
Domain, site, application -- app.nativeroll.tv Steps to reproduce -- An advertiser account is needed; one can be registered here https://seedr.ru/register-user/advertiser 1. Log in as an advertiser https://seedr.ru/login/advertiser 2. Click around a bit, intercept some requests; an accesstoken is needed...
Mail.ru: Cross-site Scripting (XSS) - Stored
Stored XSS at https://otvet.mail.ru via question with answers to choose one. XSS payload in answer...
Mail.ru: [185.30.178.57:8080] - Vulnerable to Jetleak
sfpc.euits.dev-my.games contains a Jetty web server vulnerable to JetLeak...
Mail.ru: [ii.worki.ru ] emarsys subdomain takeover
Hi team, I found a subdomain takeover vulnerability in the ii.worki.ru subdomain. ii.worki.ru is delegated to emarsys.net, which is vulnerable to takeover. CName :- ████████ Name: ii.worki.ru Type:CNAME When you search https://ii.worki.ru it redirects to █████████ which is emarsys.net servi...
Mail.ru: Read-only user can edit user segments.
Domain -- https://tracker.my.com/segment/list Testing environment -- Open two separate browsers with two independent accounts created at https://tracker.my.com/ Steps to reproduce -- In browser A 1. Log in to your account at https://tracker.my.com/ as user 1. 2. Create a new account at...
Mail.ru: [allods.mail.ru] - WebCache Poisoning Host Header lead to Potential Stored XSS
Attacker can flush web cache to inject malicious payload in Host header at allods.mail.ru . Example: Host: allods.mail.ru:13373"--alert1;...
Mail.ru: Domain hijacking of photo-test.gb.ru (possibly)
photo-test.gb.ru subdomain was delegated to webflow.com , which is vulnerable to takeover...