Lucene search
K

67 matches found

Packet Storm News
Packet Storm News
added 2026/05/27 12:0 a.m.12 views

Technical Report: Exploring the Emerging Threats of the Agent Skill Ecosystem

We analyzed 3,984 AI agent skills from major marketplaces and found 76 confirmed malicious payloads, including credential theft, backdoor installation, and data exfiltration. 13.4% of all skills contain at least one critical-level security issue and at least 8 manually confirmed malicious skills...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/03/23 3:19 p.m.5 views

The March Madness scam playbook

March Madness is the annual men's and women's NCAA Division I basketball tournament, where 68 teams play in a single-elimination bracket for the US national championship. But March Madness doesn’t just bring buzzer beaters and busted brackets. It also kicks off a short, intense season for scammer...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/10 12:0 a.m.2 views

Execution Is the New Attack Surface: Survivability-Aware Agentic Crypto Trading with OpenClaw-Style Local Executors

OpenClaw-style agent stacks turn language into privileged execution: LLM intents flow through tool interception, policy gates, and a local executor. In parallel, skill marketplaces such as skills.sh make capability acquisition as easy as installing skills and CLIs, creating a growing capability...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/02/16 10:24 a.m.39 views

New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft

Cybersecurity researchers have disclosed details of a new mobile spyware platform dubbed ZeroDayRAT that's being advertised on Telegram as a way to grab sensitive data and facilitate real-time surveillance on Android and iOS devices. "The developer runs dedicated channels for sales, customer...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/11/17 12:0 a.m.10 views

Examining the Security Posture of an Anti-Crime Ecosystem

Whitepaper called Examining the security posture of an Anti-Crime Ecosystem. The prevalence of anti-crime technology has seen a steep incline in the past few years. Since the introduction of cell phones, the expectation of privacy has gone steeply down. With that in mind, independent security...

6.6AI score
Exploits0
HackRead
HackRead
added 2025/11/05 9:33 a.m.4 views

10 Successful Marketplaces Built on Sharetribe: Lessons Learned

The marketplace revolution is here, and it's transforming how we buy, sell, and share everything from vintage furniture…...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-25045

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00389EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2025/06/21 12:0 a.m.3 views

Buy It Now, Track Me Later: Attacking User Privacy Via Wi-Fi AP Online Auctions

Static and hard-coded layer-two network identifiers are well known to present security vulnerabilities and endanger user privacy. In this work, we introduce a new privacy attack against Wi-Fi access points listed on secondhand marketplaces. Specifically, we demonstrate the ability to remotely...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/02 12:0 a.m.3 views

Are Crypto Ecosystems (De)Centralizing? A Framework for Longitudinal Analysis

Blockchain technology relies on decentralization to resist faults and attacks while operating without trusted intermediaries. Although industry experts have touted decentralization as central to their promise and disruptive potential, it is still unclear whether the crypto ecosystems built around...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/30 1:15 p.m.11 views

Authorities Seize Domains of Popular Hacking Forums in Major Cybercrime Crackdown

An international law enforcement operation has dismantled the domains associated with various online platforms linked to cybercrime such as Cracked, Nulled, Sellix, and StarkRDP. The effort, which took place between January 28 and 30, 2025, targeted the following domains - www.cracked.io...

7.3AI score
Exploits0
HackRead
HackRead
added 2025/01/30 1:50 a.m.13 views

Operation Talent: FBI Seizes Nulled.to, Cracked.to, Sellix.io and more

The FBI has seized Nulled.to, Cracked.to, Sellix.io, and StarkRDP.io in Operation Talent, targeting cybercrime forums and illicit marketplaces.…...

7.3AI score
Exploits0
Cvelist
Cvelist
added 2025/01/09 10:32 p.m.34 views

CVE-2025-21380 Azure Marketplace SaaS Resources Information Disclosure Vulnerability

...

8.8CVSS0.0145EPSS
Exploits0References1
HackRead
HackRead
added 2024/10/15 5:32 p.m.7 views

Authorities Seize Dark Web Marketplaces Sipulitie and Tsätti

Finnish Customs and Swedish Police, with Bitdefender's support, shut down dark web marketplaces Sipulitie and Tsätti. These platforms…...

7.4AI score
Exploits0
OSV
OSV
added 2024/05/14 3:13 p.m.1 views

CVE-2024-27852

A privacy issue was addressed with improved client ID handling for alternative app marketplaces. This issue is fixed in iOS 17.5 and iPadOS 17.5. A maliciously crafted webpage may be able to distribute a script that tracks users on other webpages...

6.5CVSS5.8AI score0.00389EPSS
Exploits0References3
NVD
NVD
added 2024/05/14 3:13 p.m.30 views

CVE-2024-27852

A privacy issue was addressed with improved client ID handling for alternative app marketplaces. This issue is fixed in iOS 17.5 and iPadOS 17.5. A maliciously crafted webpage may be able to distribute a script that tracks users on other webpages...

6.5CVSS5.3AI score0.00389EPSS
Exploits0References4
CVE
CVE
added 2024/05/13 11:0 p.m.78 views

CVE-2024-27852

CVE-2024-27852 is a privacy issue in Apple’s MarketplaceKit component affecting iOS/iPadOS prior to 17.5. The root cause is improper client ID handling for alternate app marketplaces, enabling a malicious webpage to cause a script to track users across sites. Official advisories state the issue i...

6.5CVSS5.4AI score0.00389EPSS
Exploits0References4Affected Software2
Cvelist
Cvelist
added 2024/05/13 11:0 p.m.30 views

CVE-2024-27852

A privacy issue was addressed with improved client ID handling for alternative app marketplaces. This issue is fixed in iOS 17.5 and iPadOS 17.5. A maliciously crafted webpage may be able to distribute a script that tracks users on other webpages...

4.7AI score0.00389EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/13 11:0 p.m.17 views

CVE-2024-27852

A privacy issue was addressed with improved client ID handling for alternative app marketplaces. This issue is fixed in iOS 17.5 and iPadOS 17.5. A maliciously crafted webpage may be able to distribute a script that tracks users on other webpages...

5.7AI score0.00389EPSS
Exploits0References1
Securelist
Securelist
added 2024/02/26 8:0 a.m.26 views

The mobile malware threat landscape in 2023

The figures above are based on detection statistics received from Kaspersky users who consented to sharing usage data with Kaspersky Security Network. The data for years preceding 2023 may differ from that published previously, as the calculation methodology was refined, and the data was...

7.4AI score
Exploits0
Talos Blog
Talos Blog
added 2023/12/07 7:0 p.m.37 views

Cybersecurity considerations to have when shopping for holiday gifts

As I wrote about last week, there are holiday shopping-related scams already popping up all over the place. But another aspect of security that many shoppers dont consider this time of year is the security of the products theyre buying, even through a legitimate online marketplace. This is a...

6.8CVSS7.4AI score0.17823EPSS
Exploits0
Rows per page
Query Builder