Lucene search
K

15 matches found

Vulnrichment
Vulnrichment
added 2025/10/08 10:4 p.m.3 views

CVE-2017-20202 Web Developer for Chrome v0.4.9 Malicious Backdoor Supply Chain Compromise

Web Developer for Chrome v0.4.9 contained malicious code that generated a domain via a DGA and fetched a remote script. The fetched script conditionally loaded follow-on modules that performed extensive ad substitution and malvertising, displayed fake “repair” alerts that redirected users to...

9.3CVSS7.1AI score0.00499EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2025/06/12 9:15 a.m.4 views

CVE-2025-4613

Path traversal in Google Web Designer's template handling versions prior to 16.3.0.0407 on Windows allows attacker to achieve remote code execution by tricking users into downloading a malicious ad template...

8.8CVSS6.4AI score0.00551EPSS
Exploits1References2
NVD
NVD
added 2025/06/12 9:15 a.m.10 views

CVE-2025-4613

Path traversal in Google Web Designer's template handling versions prior to 16.3.0.0407 on Windows allows attacker to achieve remote code execution by tricking users into downloading a malicious ad template...

8.8CVSS0.00551EPSS
Exploits1References1
CVE
CVE
added 2025/06/12 9:6 a.m.59 views

CVE-2025-4613

CVE-2025-4613 : Google Web Designer on Windows with versions prior to 16.3.0.0407 suffers path traversal in template handling, enabling remote code execution when a user is tricked into downloading a malicious ad template. The CVE is supported by multiple connected sources confirming the same roo...

8.8CVSS7.9AI score0.00551EPSS
Exploits1References1Affected Software1
Malwarebytes
Malwarebytes
added 2024/12/16 4:18 a.m.14 views

Malicious ad distributes SocGholish malware to Kaiser Permanente employees

On December 15, we detected a malicious campaign targeting Kaiser Permanente employees via Google Search Ads. The fraudulent ad masquerades as the health care company's HR portal used to check for benefits, download paystubs and other corporate related tasks. We believe the threat actors' intent...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/08/29 6:48 p.m.11 views

Fake Canva home page leads to browser lock

In a previous blog post, we showed how fraudsters were leveraging features from the very company Microsoft they were impersonating. We continue this series with another clever trick abusing Canva, a popular online tool for graphic design. This time, the scammers registered an account on Canva to...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/04/23 9:10 p.m.23 views

Google ad for Facebook redirects to scam

Today, we are looking at a malicious ad campaign targeting Facebook users via Google search. It is well-known that tech support scammers attract new victims by buying ads for certain keywords related to their audience. What is perhaps less known is how it is even possible to impersonate top brand...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/04/04 6:59 p.m.16 views

Bing ad for NordVPN leads to SecTopRAT

Most of the malicious search ads we have seen have originated from Google, but threat actors are also abusing other search engines. Microsoft Bing is probably the second best target due to its close ties to the Windows ecosystem and Edge browser. In this blog post, we look at a very recent...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/03/22 7:23 p.m.34 views

New Go loader pushes Rhadamanthys stealer

Malware loaders also known as droppers or downloaders are a popular commodity in the criminal underground. Their primary function is to successfully compromise a machine and deploy one or multiple additional payloads. A good loader avoids detection and identifies victims as legitimate i.e. not...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/12/19 11:2 a.m.20 views

New Malvertising Campaign Distributing PikaBot Disguised as Popular Software

The malware loader known as PikaBot is being distributed as part of a malvertising campaign targeting users searching for legitimate software like AnyDesk. "PikaBot was previously only distributed via malspam campaigns similarly to QakBot and emerged as one of the preferred payloads for a threat...

7.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/11/09 2:54 a.m.31 views

Malvertiser copies PC news site to deliver infostealer

The majority of malvertising campaigns delivering malicious utilities that we have tracked so far typically deceive victims with pages that are almost the exact replica of the software vendor being impersonated. For example, we have seen fake websites appearing like the real Webex, AnyDesk or...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/10/18 11:58 a.m.11 views

Clever malvertising attack uses Punycode to look like KeePass’s official website

Threat actors are known for impersonating popular brands in order to trick users. In a recent malvertising campaign, we observed a malicious Google ad for KeePass, the open-source password manager which was extremely deceiving. We previously reported on how brand impersonations are a common...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/07/11 6:15 p.m.51 views

We block shady ad blockers

Some of you have reached out to us concerning Malwarebytes blocking of certain ad blocking extensions, or an influx in web blocking notifications. First things first, this is not a false positive. Recently in their blog, AdGuard has discovered that numerous malicious ad blocking extensions were...

0.8AI score
Exploits0
The Hacker News
The Hacker News
added 2017/05/29 3:14 a.m.32 views

Judy Android Malware Infects Over 36.5 Million Google Play Store Users

Security researchers have claimed to have discovered possibly the largest malware campaign on Google Play Store that has already infected around 36.5 million Android devices with malicious ad-click software. The security firm Checkpoint on Thursday published a blog post revealing more than 41...

7.2AI score
Exploits0
ThreatPost
ThreatPost
added 2015/08/10 9:46 a.m.7 views

Mozilla Patches Bug Used in Active Attacks

UPDATE–Mozilla has released a patch for a vulnerability in Firefox that was discovered when a user found it being actively exploited in the wild. The bug affects Firefox’s PDF viewer and Mozilla officials said that the exploit being used by attackers right now looked for specific files on a...

0.5AI score
Exploits0References1
Rows per page
Query Builder