Lucene search
+L

5 matches found

CVE
CVE
added 2026/02/03 12:0 a.m.22 views

CVE-2025-65924

CVE-2025-65924 affects ERPNext up to v15.88.1. The issue arises in the Add Quality Goal function where HTML tags (notably hyperlinks) are not sanitized in plain-text fields. While JavaScript is blocked to prevent XSS, the HTML remains in the generated PDFs, enabling users to click malicious link...

4.1CVSS5.5AI score0.00227EPSS
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 2025/12/17 3:30 p.m.6 views

APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign

The Russian state-sponsored threat actor known as APT28 has been attributed to what has been described as a "sustained" credential-harvesting campaign targeting users of UKR.net, a webmail and news service popular in Ukraine. The activity, observed by Recorded Future's Insikt Group between June...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/12/17 1:38 p.m.7 views

Inside a purchase order PDF phishing campaign

A PDF named "NEW Purchase Order 52177236.pdf" turned out to be a phishing lure. So we analyzed the phishing script behind it. A customer contacted me when Malwarebytes blocked the link inside a “purchase order” email they had received. Malwarebytes blocked this ionoscloud.com subdomain When I...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2021/11/18 2:0 p.m.23 views

Spear-Phishing Campaign Exploits Glitch Platform to Steal Credentials

A long-term spear-phishing campaign is targeting employees of major corporations with emails containing PDFs that link to short-lived Glitch apps hosting credential-harvesting SharePoint phishing pages, researchers have found. Researchers from DomainTools discovered the suspicious PDFs – which...

7.2AI score
Exploits0References8
The Hacker News
The Hacker News
added 2011/09/25 3:48 a.m.3 views

Mac trojan poses as PDF to open botnet backdoor

Mac trojan poses as PDF to open botnet backdoor There's another Mac OS X Trojan out in the wild, and it might be heading your way.If you open the file, which could appear as an emailed attachment or as a Web link, the document, written in traditional Chinese ideograms, does indeed display. But a...

7.3AI score
Exploits0
Rows per page
Query Builder