CVE-2021-33205

Western Digital EdgeRover before 0.25 has an escalation of privileges vulnerability where a low privileged user could load malicious content into directories with higher privileges, because of how Node.js is used. An attacker can gain admin privileges and carry out malicious activities such as...

EUVD-2006-4977

Malware in sbrugna...

EUVD-2025-11526

Malicious code in bioql PyPI...

Exploit for CVE-2021-4483

It is an offensive tool for PHP The repository contains a collection of PHP code snippets and functions for auditing and exploiting vulnerabilities, including a proof-of-concept exploit for CVE-2021-4483, an exploit module for targeting PHP applications, and a toolkit for auditing PHP code. The...

CVE-2025-41442 Advantech iView Cross-site Scripting

A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting XSS attack. By manipulating certain input parameters, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosu...

CVE-2025-49130

Laravel Translation Manager is a package to manage Laravel translation files. Prior to version 0.6.8, the application is vulnerable to Cross-Site Scripting XSS attacks due to incorrect input validation and sanitization of user-input data. An attacker can inject arbitrary HTML code, including...

CVE-2025-49130

Laravel Translation Manager (a Laravel package) is vulnerable to stored XSS prior to version 0.6.8 due to incorrect input validation and sanitization of user input. An attacker with access to the translation manager can inject arbitrary HTML/JavaScript into a page rendered to authenticated users,...

CVE-2025-48483 FreeScout Stored XSS leads to CSRF

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application is vulnerable to Cross-Site Scripting XSS attacks due to incorrect input validation and sanitization of user-input data during mail signature sanitization. An attacker can inject arbitrary HTML...

CVE-2024-22168

A Cross-Site Scripting XSS vulnerability on the My Cloud, My Cloud Home, SanDisk ibi, and WD Cloud web apps was found which could allow an attacker to redirect the user to a crafted domain and reset their credentials, or to execute arbitrary client-side code in the user’s browser session to carry...

CVE-2020-9447

There is an XSS cross-site scripting vulnerability in GwtUpload 1.0.3 in the file upload functionality. Someone can upload a file with a malicious filename, which contains JavaScript code, which would result in XSS. Cross-site scripting enables attackers to steal data, change the appearance of a...

Russian Host Proton66 Tied to SuperBlack and WeaXor Ransomware

Threat actors are exploiting bulletproof hosting service Proton66 for malicious activities, including campaigns from SuperBlack ransomware operators, Android…...

CVE-2025-0757 Hitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Overview The software does not neutralize or incorrectly neutralize user-controllable input before it is placed in output that is used as a web page that is served to other users. CWE-79 Description Hitachi Vantara Pentaho Business Analytics Server prior to versions 10.2.0.2, including 9.3.x...

Unmasking the new persistent attacks on Japan

Cisco Talos discovered malicious activities conducted by an unknown attacker since as early as January 2025, predominantly targeting organizations in Japan. The attacker has exploited the vulnerability CVE-2024-4577, a remote code execution RCE flaw in the PHP-CGI implementation of PHP on Windows...

⚡ THN Weekly Recap: From $1.5B Crypto Heist to AI Misuse & Apple's Data Dilemma

Welcome to your weekly roundup of cyber news, where every headline gives you a peek into the world of online battles. This week, we look at a huge crypto theft, reveal some sneaky AI scam tricks, and discuss big changes in data protection. Let these stories spark your interest and help you...

XML External Entity (XXE) Injection

simplesamlphp is vulnerable to XML External Entity XXE injection. The vulnerability is due to improper handling of untrusted XML input, which allows attackers to exploit maliciously crafted XML documents, such as SAMLResponse, to access sensitive information or perform other malicious activities...

EAGERBEE, with updated and novel components, targets the Middle East

Introduction In our recent investigation into the EAGERBEE backdoor, we found that it was being deployed at ISPs and governmental entities in the Middle East. Our analysis uncovered new components used in these attacks, including a novel service injector designed to inject the backdoor into a...

North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware

The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT. The vulnerability in question is CVE-2024-38178 CVSS score: 7.5, a memory corruption bug in the Scripting Engine...

Stealthy Malware Has Infected Thousands of Linux Systems for Years

Perfctl malware is hard to detect, persists after reboots, and can perform a breadth of malicious activities...

Exploit for Incorrect Authorization in Apache Ofbiz

CVE-2024-38856 For Ethical Usage only, Any harmful or malicio...

LianSpy: new Android spyware targeting Russian users

In March 2024, we discovered a campaign targeting individuals in Russia with previously unseen Android spyware we dubbed LianSpy. Our analysis indicates that the malware has been active since July 2021. This threat is equipped to capture screencasts, exfiltrate user files, and harvest call logs a...