
17 matches found

RedhatCVE
added 2025/12/03 8:57 a.m., 4 views

CVE-2025-13516

The SureMail – SMTP and Email Logs Plugin for WordPress is vulnerable to Unrestricted Upload of File with Dangerous Type in versions up to and including 1.9.0. This is due to the plugin's savefile function in inc/emails/handler/uploads.php which duplicates all email attachments to a web-accessibl...

CVSS: 8.1, AI score: 7.4, EPSS: 0.00858
Exploits: 0, References: 1
EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2021-11137

Malware in sbrugna...

CVSS: 9.8, AI score: 9.2, EPSS: 0.02207
Exploits: 2, References: 3
RedHat Linux
added 2025/06/25 1:49 p.m., 1 view

net/http: Request smuggling due to acceptance of invalid chunked data in net/http

A flaw was found in the net/http golang package. The net/http package incorrectly accepts messages that end with a line feed (LF) instead of the proper line ending. When used with another server that also misinterprets this, it can lead to request smuggling—where an attacker tricks the system to se...

CVSS: 9.1, AI score: 7.1, EPSS: 0.00682
Exploits: 0, References: 8
CVE
added 2025/03/20 7:13 a.m., 969 views

CVE-2025-1385

The CVE-2025-1385 vulnerability affects ClickHouse when the library_bridge feature is enabled and exposes an HTTP API on localhost (default port 9019). This configuration allows the ClickHouse server to dynamically load a library from a path and execute it in an isolated process, which, combined ...

CVSS: 7.5, AI score: 7.3, EPSS: 0.00425
Exploits: 0, References: 1
Trend Micro Simply Security
added 2024/12/03 12:00 a.m., 6 views

Gafgyt Malware Targeting Docker Remote API Servers

Our researchers identified threat actors exploiting misconfigured Docker servers to spread the Gafgyt malware. This threat traditionally targets IoT devices; this new tactic signals a change in its behavior...

AI score: 7.2
Exploits: 0
hivepro
added 2024/03/08 1:49 p.m., 13 views

Misconfigured Servers Targeted with New Golang Malwares

Summary: In a newly observed malware campaign, threat actors are targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services. The campaign aims to deliver a cryptocurrency miner and establish a reverse shell for persistent remote...

AI score: 7.3
Exploits: 0
HackRead
added 2023/04/13 2:32 p.m., 16 views

Legion: Credential Harvesting & SMS Hijacking Malware Sold on Telegram

By Waqas. The Legion malware is capable of stealing credentials from misconfigured or exposed servers and is linked to the AndroxGh0st malware family.

AI score: 6.8
Exploits: 0
HackRead
added 2022/05/12 8:42 p.m., 38 views

Misconfigured ElasticSearch Servers Exposed 579 GB of Users’ Website Activity

By Waqas. In total, two misconfigured ElasticSearch servers belonging to an unknown organization exposed 359,019,902 (359 million) records that were…

AI score: 2.3
Exploits: 0
Wired Threat Level
added 2022/03/02 9:40 p.m., 11 views

Hackers Find a New Way to Deliver Devastating DDoS Attacks

Cybercriminals are exploiting a fleet of more than 100,000 misconfigured servers to knock websites offline...

AI score: 2.4
Exploits: 0
CNNVD
added 2021/07/15 12:00 a.m., 3 views

Zscaler Client Connector Buffer Error Vulnerability

Zscaler Client Connector is an application for Zscaler. An application installed on an appliance that ensures that Internet traffic and access to an organization's internal applications is secure and compliant with the organization's policies, even when not on the corporate network. A security...

CVSS: 10, AI score: 6.6, EPSS: 0.01891
Exploits: 0, References: 1
OSV
added 2021/04/12 2:15 p.m., 1 view

CVE-2021-24223

The N5 Upload Form WordPress plugin through 1.0 suffers from an arbitrary file upload issue in the page where a Form from the plugin is embedded, as any file can be uploaded. The uploaded filename might be hard to guess as it's generated with md5(uniqid(rand())), however, in the case of misconfigured servers...

CVSS: 9.8, AI score: 5.9, EPSS: 0.02207
Exploits: 2, References: 2
WPVulnDB
added 2021/03/26 12:00 a.m., 26 views

N5 Upload Form <= 1.0 - Unauthenticated Arbitrary File Upload to RCE

The plugin suffers from an arbitrary file upload issue in the page where a Form from the plugin is embedded, as any file can be uploaded. The uploaded filename might be hard to guess as it's generated with md5(uniqid(rand())), however, in the case of misconfigured servers with Directory listing enabled,...

CVSS: 7.5, AI score: 1.7, EPSS: 0.02207
Exploits: 2, References: 1, Affected Software: 1
CNNVD
added 2021/03/10 12:00 a.m., 3 views

October CMS Security Vulnerability

October CMS is an open source content management system (CMS) based on PHP and the Laravel web application framework. October before version 1.1.2 suffers from a security vulnerability that stems from a host header attack that may succeed when running on a misconfigured server. No detailed vulnerabilit...

CVSS: 7.5, AI score: 5.5, EPSS: 0.01514
Exploits: 0, References: 5
ThreatPost
added 2019/01/31 6:51 p.m., 62 views

2019 Already Marred By Slew of Data Breach Incidents

It has been a busy year for data breaches already, and January isn’t even officially over. This past week has been no exception. In the past seven days, in addition to the Airbus news that we previously reported, Discover Financial, IT management giant Rubrik, the City of St. John in New Brunswick,...

AI score: 0.1
Exploits: 0, References: 11
ThreatPost
added 2018/08/16 1:44 p.m., 10 views

Open MQTT Servers Raise Physical Threats in Smart Homes

Tens of thousands of consumer-grade Internet of Things (IoT) servers have been found wide-open on the internet, allowing cybercriminals to potentially compromise homeowners’ physical security. Bad actors can gain complete access to smart-home footprints to track owners’ movements, see if smart door...

Exploits: 0, References: 8
ThreatPost
added 2017/11/06 8:00 a.m., 11 views

Data Pours from Cloud—And ‘The Enemy is Us’

Accenture, Verizon, Dow Jones and Deep Root Analytics are just the tip of the iceberg when it comes to the millions of private records and sensitive enterprise data exposed on cloud backends this year. And the problem is getting worse not better. “The enemy is us,” said Chris Vickery, director of...

AI score: 7.2
Exploits: 0, References: 11
ThreatPost
added 2015/04/14 10:48 a.m., 8 views

US-CERT Warns of Issues With DNS Zone Transfer Requests

The US-CERT is warning administrators and network operators that a misconfiguration issue with some DNS servers that has been known about for more than 15 years and can give attackers detailed information about DNS zones is coming back around thanks to new scans that show a high number of servers...

AI score: 0.3
Exploits: 0, References: 1