9 matches found
EUVD-2016-4672
Malware in sbrugna...
EUVD-2020-24754
Malware in sbrugna...
Toxic trend: Another malware threat targets DeepSeek
Introduction DeepSeek-R1 is one of the most popular LLMs right now. Users of all experience levels look for chatbot websites on search engines, and threat actors have started abusing the popularity of LLMs. We previously reported attacks with malware being spread under the guise of DeepSeek to...
CVE-2021-35246
The application fails to prevent users from connecting to it over unencrypted connections. An attacker able to modify a legitimate user's network traffic could bypass the application's use of SSL/TLS encryption and use the application as a platform for attacks against its users...
CVE-2022-33681
A flaw was found in the Apache Pulsar Java Client. This flaw allows an attacker to use a Man-in-the-Middle MITM attack, manipulating network traffic and gaining the client's authentication data...
Code injection
Duo has identified and fixed an issue with the Duo Network Gateway DNG product in which some customer-provided SSL certificates and private keys were not excluded from logging. This issue resulted in certificate and private key information being written out in plain-text to local files on the DNG...
OSPF LSA Manipulation Vulnerability in Cisco IOS XE (cisco-sa-20130801-lsaospf)
The remote Cisco IOS XE device is affected by a vulnerability involving the Open Shortest Path First OSPF Routing Protocol Link State Advertisement LSA database. A remote, unauthenticated attacker can exploit this vulnerability, via specially crafted OSPF packets, to manipulate or disrupt the flo...
FAKEM RAT Mimics Normal Network Traffic
A family of remote access Trojans RATs known as FAKEM has been evading detection for more than three years by camouflaging themselves as legitimate network traffic. Nate Villeneuve, a senior threat researcher at Trend Micro, said that remote access Trojans are a favorite among attackers seeking t...
SUSE-SA:2006:009: gpg,liby2util
The remote host is missing the patch for the advisory SUSE-SA:2006:009 gpg,liby2util. With certain handcraftable signatures GPG was returning a 0 valid signature when used on command-line with option --verify. This only affects GPG version 1.4.x, so it only affects SUSE Linux 9.3 and 10.0. Other...