15 matches found
CVE-2023-43509
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an unauthenticated remote attacker to send notifications to computers that are running ClearPass OnGuard. These notifications can then be used to phish users or trick them into downloading malicious...
SquareX Shows AI Browsers Fall Prey to OAuth Attacks, Malware Downloads and Malicious Link Distribution
Palo Alto, California, 9th October 2025, CyberNewsWire...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
webkitgtk: A download’s origin may be incorrectly associated
A flaw was found in WebKitGTK. A malicious website can cause the origin of a download to be incorrectly associated with the wrong site due to improper checks, allowing an attacker to trick a user into downloading a malicious file...
Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes
Google has revealed that bad actors are leveraging techniques like landing page cloaking to conduct scams by impersonating legitimate sites. "Cloaking is specifically designed to prevent moderation systems and teams from reviewing policy-violating content which enables them to deploy the scam...
The Next Generation of RBI (Remote Browser Isolation)
The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware downloads, it has become increasingly inadequate and insecure in today's SaaS-centric world...
The vulnerability of the OpenKM document management system, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of the OpenKM document management system is related to the lack of measures taken to protect the website structure when processing the text parameter. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks by downloading specially created...
Microsoft OneNote Used To Sidestep Phishing Detection
A phishing campaign was recently discovered leveraging OneNote, Microsoft’s digital notebook that automatically saves and syncs notes, to bypass detection tools and download malware onto victims’ systems. The attacker was utilizing OneNote as a way to easily experiment with various lures that...
Dubious downloads: How to check if a website and its files are malicious
A significant amount of malware infections and potentially unwanted program PUP irritants are the result of downloads from unreliable sources. There are a multitude of websites that specialize in distributing malicious payloads by offering them up as something legitimate or by bundling the desire...
Coins LTD Exploit Kits Traffic Distribution System
Coins LTD Traffic Distribution System TDS operates by silently redirecting the victim to a malicious web page, leading to infection by an exploit kit. Successful infection will allow the attacker to download additional malware to the target...
INFOR EAM Cross-Site Scripting Attack Vulnerability
Infor EAM is the best configurable enterprise-class asset management solution on the market. Improve capital asset management by increasing reliability, enhancing predictive maintenance, ensuring regulatory compliance, reducing energy consumption, and supporting sustainability programs. A...
Concrete CMS: Content Spoofing possible in concrete5.org
An attacker can include any arbitrary text using specially crafted concrete5 url. This is done using character /%0d%0a. Input https://www.concrete5.org/%0d%0ahas%20moved%20to%20www.evil.com.Please%20visit%20evil.com%20Present%20resource Output The requested URL / has moved to www.evil.com.Please...
'Avalanche' Crimeware Kit Fuels Phishing Attacks
A single cybercrime group called “Avalanche” was responsible for nearly one-quarter of all identity theft-related phishing attacks in the first half of 2009, according to a new report by the Anti-Phishing Work Group APWG. According to the report, phishing sites on Avalanche domains target the...
Trac quickjump Search Script q Parameter Arbitrary Site Redirect
The remote host is running Trac, an enhanced wiki and issue tracking system for software development projects. The version of Trac installed on the remote host fails to sanitize user input to the 'q' parameter of the 'search' script before using it in an unfiltered and unmanaged fashion in a...