8 matches found
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988948)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988948 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: refactor malicious adv data check Check for out-of-bound read was being performed at t...
University site cloned to evade ad detection distributes fake Cisco installer
There is a constant "cat and mouse" game between defenders and attackers, the latter trying to outsmart and get a head start on the former. In the context of online advertising, this involves creating fake identities or using stolen ones to push out malicious ads. An attacker not only needs to...
OpenPLC 安全漏洞
OpenPLC is an open source programmable logic controller from the individual developer Thiago Alves. It can provide low-cost industrial solutions for automation and research. A security vulnerability exists in OpenPLC version 3, which stems from the inclusion of an arbitrary file upload...
Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising
A fake ChatGPT-branded Chrome browser extension has been found to come with capabilities to hijack Facebook accounts and create rogue admin accounts, highlighting one of the different methods cyber criminals are using to distribute malware. "By hijacking high-profile Facebook business accounts, t...
An advertising dropper in Google Play
Recently, the popular CamScanner – Phone PDF creator app caught our attention. According to Google Play, it has been installed more than 100 million times. The developers position it as a solution for scanning and managing digitized documents, but negative user reviews that have been left over th...
A week in security (September 4 – September 10)
Last week, we looked into expired domain names being used for malvertising, delved into dubious Facebook apps, and checked out Chinese seminar scams. We also explained the whys and wherefores of false positives, explained what Google is doing with HTTPs, warned you away from a fake DHS email, and...
China railcom broadband ad delivery system there are serious security issues-vulnerability warning-the black bar safety net
Recent Iron through the malicious insertion of advertising to engage the balls, the complaint without door handle Pre-stage computer somehow random jump hao123 number one shop such as the address to engage I thought the computer poisoning. Recently it touches not jump regardless of login what the...
DailyMotion Still Serving FakeAV Malware Scam
More than three weeks after notifying video-sharing site DailyMotion that it was compromised, security company Invincea reports the popular website is still infected. A spokesperson told Threatpost that Invincea’s original notification was not acknowledged and the company suspects this is a...