Lucene search

127 matches found

Cvelist
added 2026/05/01 4:1 p.m., 27 views

CVE-2026-23863

An attachment spoofing issue in WhatsApp for Windows prior to v2.3000.1032164386.258709 could have allowed maliciously formatted documents with embedded NUL bytes in the filename to be shown in the application as one type of file but run as an executable when opened. We have not seen evidence of...

CVSS 6.5, EPSS 0.00012
Exploits: 0, References: 2
CNNVD
added 2026/03/31 12:0 a.m., 4 views

XmlNotepad Code Issue Vulnerability

XmlNotepad is an open-source XML document browsing and editing tool developed by Microsoft. Versions of XmlNotepad prior to 2.9.0.21 had code vulnerabilities. These vulnerabilities stemmed from the default setting of enabling DTD processing, which could lead to the disclosure of local file conten...

CVSS 6.5, AI score 5.9, EPSS 0.00285
Exploits: 0, References: 5
NCSC
added 2026/03/10 8:20 p.m., 3 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in several Office products. A malicious party can exploit the vulnerabilities to impersonate another user, grant themselves elevated privileges and/or execute arbitrary code and potentially gain access to sensitive data in the victim's context. Successful...

CVSS 9.3, AI score 6.3, EPSS 0.01472
Exploits: 0
Vulnrichment
added 2026/02/27 12:0 a.m., 3 views

CVE-2025-69437

PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can contain JavaScript payloads and bypass PDF security checks in the backend CmsFileUtils.java. If a user uploads a PDF file containing a malicious payload to the system and views it, the embedded JavaScript payload can...

AI score 6, EPSS 0.00017
Exploits: 1, References: 1
CNNVD
added 2026/01/30 12:0 a.m., 3 views

HotCRP Conference Review Software Cross-Site Script Vulnerabilities

HotCRP Conference Review Software is a software developed by Eddie Kohler. It is used to manage review processes, especially for academic conferences. The version of HotCRP Conference Review Software dated October 2025 to January 2026 contained a cross-site scripting vulnerability. This...

CVSS 7.3, AI score 5.6, EPSS 0.0006
Exploits: 0, References: 5
Malwarebytes
added 2026/01/29 2:53 p.m., 10 views

Microsoft Office zero-day lets malicious documents slip past security checks

Microsoft issued an emergency patch for a high-severity zero-day vulnerability in Office that allows attackers to bypass document security checks and is being exploited in the wild via malicious files. Microsoft pushed the emergency patch for the zero‑day, tracked as CVE-2026-21509, and classifie...

CVSS 7.8, AI score 6, EPSS 0.12053
Exploits: 10
GithubExploit
added 2026/01/27 1:56 p.m., 703 views

Exploit for CVE-2026-21509

🛡️ CVE-2026-21509 — Microsoft Office Zero-Day...

CVSS 9.3, AI score 7.7, EPSS 0.94354
Exploits: 41
Snyk
added 2025/12/26 3:30 p.m., 3 views

NULL Pointer Dereference

Overview: libxmljs is a libxml bindings for v8 javascript engine. Affected versions of this package are vulnerable to NULL Pointer Dereference in the parsing process of specially crafted XML documents when accessing the ref property on entityref and entitydecl nodes. An attacker can cause a...

CVSS 8.7, AI score 6.8, EPSS 0.00032
Exploits: 1, References: 2
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2018-6224

Malware in sbrugna...

CVSS 8.8, AI score 8.8, EPSS 0.00367
Exploits: 0, References: 3
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2018-6220

Malware in sbrugna...

CVSS 8.8, AI score 8.8, EPSS 0.00367
Exploits: 0, References: 3
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2023-46195

Malicious code in bioql PyPI...

CVSS 6.1, AI score 6.4, EPSS 0.00711
Exploits: 0, References: 2
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2022-50175

Malicious code in bioql PyPI...

CVSS 5.4, AI score 5.6, EPSS 0.00255
Exploits: 1, References: 2
The Hacker News
added 2025/10/02 2:44 p.m., 14 views

Confucius Hackers Hit Pakistan With New WooperStealer and Anondoor Malware

The threat actor known as Confucius has been attributed to a new phishing campaign that has targeted Pakistan with malware families like WooperStealer and Anondoor. "Over the past decade, Confucius has repeatedly targeted government agencies, military organizations, defense contractors, and...

AI score 7.2
Exploits: 0
OSV
added 2025/09/23 3:31 p.m., 3 views

GHSA-CMJC-QP7J-XGWR WSO2 carbon-apimgt affected by an authenticated stored cross-site scripting (XSS) vulnerability

An authenticated stored Cross-Site Scripting (XSS) vulnerability exists in WSO2 API Manager components carbon-apimgt due to insufficient validation of user-supplied input during API document upload in the Publisher portal. A user with publisher privileges can upload a crafted API document whose...

CVSS 4.8, AI score 5.9, EPSS 0.00025
Exploits: 0, References: 6
Packet Storm News
added 2025/09/09 12:0 a.m., 4 views

A Decade-Long Landscape of Advanced Persistent Threats: Longitudinal Analysis and Global Trends

An advanced persistent threat (APT) refers to a covert, long-term cyberattack, typically conducted by state-sponsored actors, targeting critical sectors and often remaining undetected for long periods. In response, collective intelligence from around the globe collaborates to identify and trace...

AI score 6.6
Exploits: 0
RedhatCVE
added 2025/06/18 7:4 p.m., 3 views

CVE-2025-20260

A vulnerability has been discovered in the PDF parsing engine of ClamAV. This flaw can be exploited to achieve remote code execution (RCE). Given that ClamAV is routinely used to process untrusted input (for example, email attachments and downloaded files), a malicious PDF document could trigger this...

CVSS 9.8, AI score 9.7, EPSS 0.01231
Exploits: 0, References: 2
Zero Day Initiative
added 2025/06/10 12:0 a.m., 4 views

Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

CVSS 7.8, AI score 7.2, EPSS 0.00115
Exploits: 0, References: 1
Packet Storm News
added 2025/05/19 12:0 a.m., 2 views

RAR: Setting Knowledge Tripwires for Retrieval Augmented Rejection

Content moderation for large language models (LLMs) remains a significant challenge, requiring flexible and adaptable solutions that can quickly respond to emerging threats. This paper introduces Retrieval Augmented Rejection (RAR), a novel approach that leverages a retrieval-augmented generation (RAG)...

AI score 7.1
Exploits: 0
RedhatCVE
added 2025/02/05 9:13 a.m., 6 views

CVE-2024-56357

grist-core is a spreadsheet hosting server. A user visiting a malicious document or submitting a malicious form could have their account compromised, because it was possible to use the javascript: scheme with custom widget URLs and form redirect URLs. This issue has been patched in version 1.3.1...

CVSS 8.1, AI score 6.8, EPSS 0.00711
Exploits: 0, References: 1
OSV
added 2024/12/26 4:15 p.m., 3 views

CVE-2024-12908

Delinea addressed a reported case on Secret Server v11.7.31 (protocol handler version 6.0.3.26) where, within the protocol handler function, URIs were compared before normalization and canonicalization, potentially leading to over matching against the approved list. If this attack were successfull...

CVSS 8.3, AI score 5.8, EPSS 0.0033
Exploits: 1, References: 3