Lucene search
K

66 matches found

Malwarebytes
Malwarebytes
added 2026/06/15 8:17 p.m.13 views

Inside a malicious infrastructure delivering EtherRAT, phishing pages, and malicious software

During our recent threat hunting activities, we found EtherRAT malware being distributed by a website with a strange homepage. This homepage allowed us to discover a vast malicious infrastructure distributing malware, malicious documents, remote desktop software, and phishing pages. EtherRAT is a...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/06/12 9:27 a.m.16 views

Fake verification pages are stealing Steam accounts from players

Online gamers should watch out for a convincing scam that aims to steal your Steam account. The scam uses fake FACEIT verification pages that look legitimate, complete with official branding, working links, and what appears to be a real Steam login window. By the time it asks for your password,...

5.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/06 12:43 a.m.12 views

CVE-2026-42538

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 do not properly validate uploaded files. The application can therefore be misused to host phishing pages, amongst other things. This also creates another...

6.3CVSS5.4AI score0.00175EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 9:16 p.m.8 views

CVE-2026-42538

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 do not properly validate uploaded files. The application can therefore be misused to host phishing pages, amongst other things. This also creates another...

6.3CVSS0.00175EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 8:48 p.m.28 views

CVE-2026-42538 IRIS has an Insecure File Upload

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 do not properly validate uploaded files. The application can therefore be misused to host phishing pages, amongst other things. This also creates another...

6.3CVSS0.00175EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 8:48 p.m.7 views

CVE-2026-42538 IRIS has an Insecure File Upload

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 do not properly validate uploaded files. The application can therefore be misused to host phishing pages, amongst other things. This also creates another...

6.3CVSS5.4AI score0.00175EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 8:48 p.m.13 views

EUVD-2026-34326

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 do not properly validate uploaded files. The application can therefore be misused to host phishing pages, amongst other things. This also creates another...

6.3CVSS5.8AI score0.00175EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 8:48 p.m.10 views

CVE-2026-42538

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 do not properly validate uploaded files. The application can therefore be misused to host phishing pages, amongst other things. This also creates another...

6.3CVSS5.8AI score0.00175EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/04 8:48 p.m.21 views

CVE-2026-42538

IRIS is a web collaboration platform. Affected versions are prior to 2.4.28, where uploaded file validation is insufficient, enabling misuse to host phishing pages and an additional Cross-Site Scripting (XSS) vulnerability. The issue is addressed in version 2.4.28 (patch). There is no exploitatio...

6.3CVSS5.8AI score0.00175EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.6 views

Iris 安全漏洞

Iris is an open-source fast, simple, yet fully functional and highly efficient Go web framework developed by DFIR-IRIS. Versions of Iris prior to 2.4.28 contained security vulnerabilities, which were caused by improper file upload validation. These vulnerabilities could lead to the hosting of...

6.3CVSS5AI score0.00175EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.15 views

PT-2026-46385

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 do not properly validate uploaded files. The application can therefore be misused to host phishing pages, amongst other things. This also creates another...

6.3CVSS5.8AI score0.00175EPSS
Exploits0References2
Malwarebytes
Malwarebytes
added 2026/04/22 12:30 p.m.6 views

Malicious trading website drops malware that hands your browser to attackers

During our threat hunting, we found a campaign using the same malware loader from our previous research to deliver a different threat: Needle Stealer , data-stealing malware designed to quietly harvest sensitive information from infected devices, including browser data, login sessions, and...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/23 10:55 a.m.4 views

Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware

Microsoft has warned of fresh campaigns that are capitalizing on the upcoming tax season in the U.S. to harvest credentials and deliver malware. The email campaigns take advantage of the urgency and time-sensitive nature of emails to send phishing messages masquerading as refund notices, payroll...

6AI score
Exploits0
HackRead
HackRead
added 2026/03/12 5:10 p.m.11 views

Hackers Use Cloudflare Human Check to Hide Microsoft 365 Phishing Pages

Scammers are hijacking popular security tools like Cloudflare to hide fake Microsoft 365 login pages. Learn how this new invisible phishing campaign bypasses antivirus software and how you can stay safe...

5.8AI score
Exploits0
HackRead
HackRead
added 2026/03/03 6:39 p.m.6 views

Fake Zoom and Google Meet Pages Trick Users Into Installing Monitoring Tool

Fake Zoom and Google Meet pages trick users into installing a monitoring software on Windows systems through phishing links and fake updates...

5.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/12 8:3 a.m.8 views

Criminals are using AI website builders to clone major brands

AI tool Vercel was abused by cybercriminals to create a Malwarebytes lookalike website. Cybercriminals no longer need design or coding skills to create a convincing fake brand site. All they need is a domain name and an AI website builder. In minutes, they can clone a site's look and feel, plug i...

5.5AI score
Exploits0
The Hacker News
The Hacker News
added 2026/02/06 2:56 p.m.6 views

China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery

Cybersecurity researchers have taken the wraps off a gateway-monitoring and adversary-in-the-middle AitM framework dubbed DKnife that's operated by China-nexus threat actors since at least 2019. The framework comprises seven Linux-based implants that are designed to perform deep packet inspection...

6.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/01/14 3:55 p.m.5 views

Phishing scammers are posting fake “account restricted” comments on LinkedIn

Recently, fake LinkedIn profiles have started posting comment replies claiming that a user has " engaged in activities that are not in compliance" with LinkedIn's policies and that their account has been " temporarily restricted" until they submit an appeal through a specified link in the comment...

7AI score
Exploits0
Securelist
Securelist
added 2025/11/24 12:30 p.m.5 views

To buy or not to buy: How cybercriminals capitalize on Black Friday

The global e‑commerce market is accelerating faster than ever before, driven by expanding online retail, and rising consumer adoption worldwide. According to McKinsey Global Institute, global e‑commerce is projected to grow by 7–9% annually through 2040. At Kaspersky, we track how this surge in...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/07 7:29 a.m.24 views

PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks

A malicious campaign dubbed PoisonSeed is leveraging compromised credentials associated with customer relationship management CRM tools and bulk email providers to send spam messages containing cryptocurrency seed phrases in an attempt to drain victims' digital wallets. "Recipients of the bulk sp...

7.1AI score
Exploits0
Rows per page
Query Builder