New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots

Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network TON for command-and-control C2. The new variant, observed by ThreatFabric between January and February 2026, has been observed actively targeting banking and cryptocurrency wallet...

CVE-2025-69988

BS Producten Petcam 33.1.0.0818 is vulnerable to Incorrect Access Control. An unauthenticated attacker in physical proximity can associate with this open network. Once connected, the attacker gains access to the camera's private network interface and can retrieve sensitive information, including...

EUVD-2025-209098

BS Producten Petcam 33.1.0.0818 is vulnerable to Incorrect Access Control. An unauthenticated attacker in physical proximity can associate with this open network. Once connected, the attacker gains access to the camera's private network interface and can retrieve sensitive information, including...

CVE-2025-69988

BS Producten Petcam 33.1.0.0818 is vulnerable to Incorrect Access Control. An unauthenticated attacker in physical proximity can associate with this open network. Once connected, the attacker gains access to the camera's private network interface and can retrieve sensitive information, including...

CVE-2025-69986

A buffer overflow vulnerability exists in the ONVIF GetStreamUri function of LSC Indoor Camera V7.6.32. The application fails to validate the length of the Protocol parameter inside the Transport element. By sending a specially crafted SOAP request containing an oversized protocol string, an...

PT-2026-28304

Name of the Vulnerable Software and Affected Versions LSC Indoor Camera version 7.6.32 Description A buffer overflow issue exists in the ONVIF GetStreamUri function. The application does not properly check the length of the Protocol parameter within the Transport element. An attacker can exploit...

CVE-2025-69988

BS Producten Petcam 33.1.0.0818 is vulnerable to Incorrect Access Control. An unauthenticated attacker in physical proximity can associate with this open network. Once connected, the attacker gains access to the camera's private network interface and can retrieve sensitive information, including...

CVE-2025-69988

BS Producten Petcam 33.1.0.0818 is vulnerable to Incorrect Access Control. An unauthenticated attacker in physical proximity can associate with this open network. Once connected, the attacker gains access to the camera's private network interface and can retrieve sensitive information, including...

PT-2026-28305

BS Producten Petcam 33.1.0.0818 is vulnerable to Incorrect Access Control. An unauthenticated attacker in physical proximity can associate with this open network. Once connected, the attacker gains access to the camera's private network interface and can retrieve sensitive information, including...

EUVD-2024-55500

A buffer overflow vulnerability in the dgiot binary in LSC Smart Indoor IP Camera V7.6.32. The flaw exists in the handling of the Time Zone TZ parameter within the ONVIF configuration interface. The time zone TZ parameter does not have its length properly validated before being copied into a...

CVE-2025-70954

The CVE-2025-70954 affects the TON Blockchain’s TVM, specifically the INMSGPARAM instruction. The vulnerability is a Null Pointer Dereference in the execution path, where a pointer is not checked for null before access, allowing a malicious transaction or smart contract to crash a validator node ...

PT-2026-3768

Name of the Vulnerable Software and Affected Versions Apache Solr versions 5.3.0 through 9.10.0 Description Deployments of Apache Solr utilizing the Rule Based Authorization Plugin are susceptible to unauthorized access to certain Solr APIs. This occurs due to insufficient input validation within...

CVE-2019-16297

An issue was discovered in Open Network Operating System ONOS 1.14. In the P4 tutorial application org.onosproject.p4tutorial, the host event listener does not handle the following event types: HOSTMOVED, HOSTREMOVED, HOSTUPDATED. In combination with other applications, this could lead to the...

CVE-2019-16300

An issue was discovered in Open Network Operating System ONOS 1.14. In the access control application org.onosproject.acl, the host event listener does not handle the following event types: HOSTREMOVED. In combination with other applications, this could lead to the absence of intended code...

CVE-2019-16298

An issue was discovered in Open Network Operating System ONOS 1.14. In the virtual broadband network gateway application org.onosproject.virtualbng, the host event listener does not handle the following event types: HOSTMOVED, HOSTREMOVED, HOSTUPDATED. In combination with other applications, this...

CVE-2025-14749

A vulnerability was identified in Ningyuanda TC155 57.0.2.0. This impacts an unknown function of the file /onvif/deviceservice of the component ONVIF PTZ Control Interface. The manipulation leads to improper access controls. The attack requires being on the local network. The exploit is publicly...

CVE-2025-64770

The affected products allow unauthenticated access to Open Network Video Interface Forum ONVIF services, which may allow an attacker unauthorized access to camera configuration information...

EUVD-2025-198340

The affected products allow unauthenticated access to Open Network Video Interface Forum ONVIF services, which may allow an attacker unauthorized access to camera configuration information...

CVE-2025-64770

The affected products allow unauthenticated access to Open Network Video Interface Forum ONVIF services, which may allow an attacker unauthorized access to camera configuration information...

CVE-2025-64770 Missing Authentication for ONVIF in iCam Cameras

The affected products allow unauthenticated access to Open Network Video Interface Forum ONVIF services, which may allow an attacker unauthorized access to camera configuration information...