CVE-2026-33654

nanobot is a personal AI assistant. Prior to version 0.1.6, an indirect prompt injection vulnerability exists in the email channel processing module nanobot/channels/email.py, allowing a remote, unauthenticated attacker to execute arbitrary LLM instructions and subsequently, system tools without...

From transparency to action: What the latest Microsoft email security benchmark reveals

In our last benchmarking post, Clarity in complexity: New insights for transparent email security ,1 we shared why transparency matters more than ever in email security and how clear, consistent benchmarking helps security teams cut through noise and make confident decisions. Today, we’re...

EUVD-2021-0750

Malware in sbrugna...

EUVD-2020-24403

Malware in sbrugna...

EUVD-2019-11173

Malware in sbrugna...

EUVD-2019-16755

Malware in sbrugna...

Researchers Uncover Batavia Windows Spyware Stealing Documents from Russian Firms

Russian organizations have been targeted as part of an ongoing campaign that delivers a previously undocumented Windows spyware called Batavia. The activity, per cybersecurity vendor Kaspersky, has been active since July 2024. "The targeted attack begins with bait emails containing malicious link...

Microsoft, PayPal, DocuSign, and Geek Squad faked in callback phishing scams

Microsoft, DocuSign, Adobe, McAfee, NortonLifeLock, PayPal, and Best Buy’s Geek Squad are being impersonated online through malicious emails that contain fake telephone support numbers and dangerous QR codes that can ensnare victims into phishing scams. The brands and their products are frequentl...

CVE-2019-20634

An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from Proofpoint email headers, it is possible to build a copy-cat Machine Learning Classification model and extract insights from this model. The insights gathered allow an attacker to craft emails tha...

13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks

A global network of about 13,000 hijacked Mikrotik routers has been employed as a botnet to propagate malware via spam campaigns, the latest addition to a list of botnets powered by MikroTik devices. The activity "takes advantage of misconfigured DNS records to pass email protection techniques,"...

macOS 14.x < 14.5 Multiple Vulnerabilities (120903)

The remote host is running a version of macOS / Mac OS X that is 14.x prior to 14.5. It is, therefore, affected by multiple vulnerabilities: - The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, macOS Ventura 13.6.7, iOS 17.5 and iPadOS 17.5, iOS 16.7.8 and...

Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT

Recent months have seen a surge in mailings with lookalike email attachments in the form of a ZIP archive containing JScript scripts. The script files – disguised as requests and bids from potential customers or partners – bear names such as "Запрос цены и предложения от Индивидуального...

CISA Warns of Hurricane-Related Scams

As Hurricane Helene approaches, CISA urges users to remain on alert for potential malicious cyber activity. Fraudulent emails and social media messages—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with...

Exotic SambaSpy is now dancing with Italian users

Introduction In May 2024, we detected a campaign exclusively targeting victims in Italy. We were rather surprised by this, as cybercriminals typically select a broader target to maximize their profits. For example, a certain type of malware might target users in France and Spain, with the phishin...

Cyberattackers Exploit Google Sheets for Malware Control in Likely Espionage Campaign

Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control C2 mechanism. The activity, detected by Proofpoint starting August 5, 2024, impersonates tax authorities from governments in Europe, Asia, and the U.S., with the goal of targeti...

ZITADEL 安全漏洞

ZITADEL is a modern open source alternative to Auth0, Firebase Auth, AWS Cognito, and Keycloak built for the age of containers and serverless, open sourced by ZITADEL in Switzerland. ZITADEL suffers from a security vulnerability that stems from a lack of output cleanup and emails that could conta...

New Linux Variant of Bifrost RAT Utilizes Deceptive Domain for Evasion

Summary: A new Linux variant of the Bifrost RAT evades detection using a deceptive VMware domain, aiming to compromise systems. This persistent threat spreads through malicious emails and sites, harvesting sensitive data and now includes an ARM version, emphasizing the need for vigilant...

The Ongoing Saga of Job-Themed Attacks

The Ongoing Saga of Job-Themed Attacks By Daksh Kapur and Alfred Alvarado · January 23, 2024 Figure 1 - Job Themed Cyberattacks Attribution at the Bottom In late 2023, Trellix Security Researchers identified an ongoing trend where cybercriminals exploit job-themed attack vectors to target both jo...

How to recognize AI-generated phishing mails

Phishing is the art of sending an email with the aim of getting users to open a malicious file or click on a link to then steal credentials. But most phishers arent very good, and the success rate is relatively low: In 2021, the average click rate for a phishing campaign was 17.8%. However, now...

Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting

We analyzed a phishing campaign involving malicious emails containing a link to a file-sharing solution, which further leads to a PDF document with a secondary link designed to steal login info and session cookies...