A DarkSword hangs over unpatched iPhones

Researchers at Google have identified an iOS exploit chain, named DarkSword, that has been used since late last year by multiple actors to infect iPhones with malware in targeted attacks. DarkSword combines six vulnerabilities in iOS and Safari to deploy malware on the device. It demonstrates, on...

Stack Ideas EasyDiscuss Cross-Site Script Vulnerabilities

Stack Ideas EasyDiscuss is a Q&A and forum component provided by Malaysia-based Stack Ideas Company. Stack Ideas EasyDiscuss has a cross-site scripting vulnerability, which stems from insufficient input filtering in the processing of user avatar text. This vulnerability may lead to storage-based...

CVE-2025-68988

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in o2oe E-Invoice App Malaysia einvoiceapp-malaysia allows Retrieve Embedded Sensitive Data.This issue affects E-Invoice App Malaysia: from n/a through = 1.3.0...

EUVD-2025-205748

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in o2oe E-Invoice App Malaysia einvoiceapp-malaysia allows Retrieve Embedded Sensitive Data.This issue affects E-Invoice App Malaysia: from n/a through = 1.1.0...

CVE-2025-68988

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in o2oe E-Invoice App Malaysia einvoiceapp-malaysia allows Retrieve Embedded Sensitive Data.This issue affects E-Invoice App Malaysia: from n/a through = 1.3.0...

CVE-2025-68988 WordPress E-Invoice App Malaysia plugin <= 1.3.0 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in o2oe E-Invoice App Malaysia einvoiceapp-malaysia allows Retrieve Embedded Sensitive Data.This issue affects E-Invoice App Malaysia: from n/a through = 1.3.0...

CVE-2025-68988

CVE-2025-68988 affects the E-Invoice App Malaysia (E-Invoice App Malaysia; plugin name einvoiceapp-malaysia) and is categorized as an unauthenticated information exposure. The WordPress ecosystem entry indicates the vulnerability is an exposure of embedded sensitive data to an unauthorized actor,...

CVE-2025-68988 WordPress E-Invoice App Malaysia plugin <= 1.3.0 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in o2oe E-Invoice App Malaysia einvoiceapp-malaysia allows Retrieve Embedded Sensitive Data.This issue affects E-Invoice App Malaysia: from n/a through = 1.3.0...

PT-2025-53877

Name of the Vulnerable Software and Affected Versions o2oe E-Invoice App Malaysia versions through 1.1.0 Description The o2oe E-Invoice App Malaysia application contains a flaw that allows the retrieval of embedded sensitive data, potentially exposing system information to unauthorized parties...

WordPress plugin E-Invoice App Malaysia 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security...

WordPress E-Invoice App Malaysia plugin <= 1.3.0 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Rapid0nion in WordPress Plugin E-Invoice App Malaysia versions = 1.3.0...

Malicious code in guras-visa-malaysia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 607f50c5cb9692aa7116c15b3c93042ef705cd20a266af11ec345508c32472c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Silver Fox Expands Winos 4.0 Attacks to Japan and Malaysia via HoldingHands RAT

The threat actors behind a malware family known as Winos 4.0 aka ValleyRAT have expanded their targeting footprint from China and Taiwan to target Japan and Malaysia with another remote access trojan RAT tracked as HoldingHands RAT aka Gh0stBins. "The campaign relied on phishing emails with PDFs...

Kiwire Captive Portal 安全漏洞

Kiwire Captive Portal is a login authentication page from Kiwire Malaysia. A security vulnerability exists in Kiwire Captive Portal, which stems from the presence of reflective cross-site scripting in the login-url parameter, which could lead to the execution of Javascript code...

EUVD-2018-5937

Malware in sbrugna...

EUVD-2014-7285

Malware in sbrugna...

CVE-2024-54305

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jtexpress J Express Malaysia jt-express allows Reflected XSS.This issue affects J Express Malaysia: from n/a through = 2.0.13...

Mirai Variant Murdoc Botnet Exploits AVTECH IP Cameras and Huawei Routers

Cybersecurity researchers have warned of a new large-scale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant dubbed Murdoc Botnet. The ongoing activity "demonstrates enhanced capabilities, exploiting vulnerabilities...

CVE-2024-54305

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jtexpress J&T Express Malaysia jt-express allows Reflected XSS.This issue affects J&T Express Malaysia: from n/a through = 2.0.13...

CVE-2024-54305 WordPress J&T Express Malaysia plugin <= 2.0.13 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jtexpress J&T Express Malaysia jt-express allows Reflected XSS.This issue affects J&T Express Malaysia: from n/a through = 2.0.13...