Lucene search
K

75 matches found

Wired Threat Level
Wired Threat Level
added 2026/04/30 5:30 p.m.5 views

OpenAI Rolls Out ‘Advanced’ Security Mode for At-Risk Accounts

OpenAI is rolling out Advanced Account Security for people concerned that their ChatGPT or Codex accounts could be potential targets of phishing attacks...

5.3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 9:4 a.m.6 views

CVE-2024-41801

OpenProject is open source project management software. Prior to version 14.3.0, using a forged HOST header in the default configuration of packaged installations and using the "Login required" setting, an attacker could redirect to a remote host to initiate a phishing attack against an OpenProje...

6.1CVSS6.9AI score0.00337EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/01/06 12:23 a.m.4 views

SUSE CVE-2025-69412

KDE messagelib before 25.11.90 ignores SSL errors for threatMatches:find in the Google Safe Browsing Lookup API aka phishing API, which might allow spoofing of threat data. NOTE: this Lookup API is not contacted in the messagelib default configuration...

3.4CVSS6.9AI score0.00241EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/01/01 12:15 a.m.4 views

CVE-2025-69412

KDE messagelib before 25.11.90 ignores SSL errors for threatMatches:find in the Google Safe Browsing Lookup API aka phishing API, which might allow spoofing of threat data. NOTE: this Lookup API is not contacted in the messagelib default configuration...

3.4CVSS5.8AI score0.00241EPSS
Exploits0References6
ICS
ICS
added 2025/11/25 7:0 a.m.5 views

Festo Compact Vision System, Control Block, Controller, and Operator Unit products

RISK EVALUATION Successful exploitation of these vulnerabilities could result in an attacker accessing devices without authentication or modifying configuration files. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

7AI score
Exploits0References13
Talos Blog
Talos Blog
added 2025/10/24 10:0 a.m.6 views

Think passwordless is too complicated? Let's clear that up

By Janet Ho, Cisco Duo Why passwords are still a problem We've relied on passwords for years to protect our online accounts, but they've also become one of the easiest ways attackers get in. Many people reuse or simplify passwords, or even write them down because it's hard to remember so many. Th...

6.7AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-1730

Malware in sbrugna...

7.5CVSS6.4AI score0.01158EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-16789

Malware in sbrugna...

7.8CVSS8.7AI score0.01232EPSS
Exploits0References18
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-6953

Malware in sbrugna...

5CVSS6.4AI score0.01172EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-0799

Malware in sbrugna...

6.4CVSS6.2AI score0.02027EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-1731

Malware in sbrugna...

7.5CVSS6.4AI score0.01382EPSS
Exploits0References4
ICS
ICS
added 2025/08/21 6:0 a.m.5 views

FUJIFILM Healthcare Americas Synapse Mobility

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access information beyond their assigned roles. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

5.3CVSS7.9AI score0.0023EPSS
Exploits0References10
Packet Storm News
Packet Storm News
added 2025/07/11 12:0 a.m.4 views

SSH-Passkeys: Leveraging Web Authentication for Passwordless SSH

We propose a method for using Web Authentication APIs for SSH authentication, enabling passwordless remote server login with passkeys. These are credentials that are managed throughout the key lifecycle by an authenticator on behalf of the user and offer strong security guarantees. Passwords rema...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/21 9:30 p.m.12 views

CVE-2006-6971

Mozilla Firefox 2.0, possibly only when running on Windows, allows remote attackers to bypass the Phishing Protection mechanism by representing an IP address in 1 dotted-hex, 2 dotted-octal, 3 single decimal integer, 4 single hex integer, or 5 single octal integer format, which is not captured by...

5CVSS7.1AI score0.01172EPSS
Exploits1References1
Malwarebytes
Malwarebytes
added 2025/05/19 7:3 a.m.16 views

A week in security (May 12 – May 18)

Last week on Malwarebytes Labs: Data broker protection rule quietly withdrawn by CFPB Meta sent cease and desist letter over AI training Google to pay $1.38 billion over privacy violations Android users bombarded with unskippable ads Last week on ThreatDown: ThreatDown introduces Firewall...

7.3AI score
Exploits0
CNNVD
CNNVD
added 2025/03/24 12:0 a.m.4 views

Forcepoint Email Security 安全漏洞

Forcepoint Email Security is a suite of email protection solutions from US-based Forcepoint. The product includes features such as spam filtering, malware detection, phishing protection, and protection against intrusion BEC attacks. A security vulnerability exists in Forcepoint Email Security 8.5...

6.1CVSS5.9AI score0.00215EPSS
Exploits0References3
Qualys Blog
Qualys Blog
added 2025/02/13 4:0 p.m.7 views

Qualys Adds Threat Intelligence for Typosquatting and Defamatory Domains to External Attack Surface Management

Cybersecurity professionals can now use Qualys CyberSecurity Asset Management CSAM with External Attack Surface Management EASM to reduce cyber risks from credential harvesting, phishing, and malware downloads and diminish reputational harm. Bad actors have been registering look-alike, sound-alik...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/01/13 2:55 p.m.8 views

iMessage text gets recipient to disable phishing protection so they can be phished

A smishing SMS phishing campaign is targeting iMessage users, attempting to socially engineer them into bypassing Apple's built in phishing protection. For months, iMessage users have been posting examples online of how phishers are trying to get around this protection. And, now, the campign is...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2024/10/04 5:16 p.m.29 views

CVE-2024-25707 BUG-000160241 - Reflected XSS in Portal for ArcGIS

There is a reflected cross site scripting in Esri Portal for ArcGIS 11.1 and below on Windows and Linux x64 allows a remote authenticated attacker with administrative access to supply a crafted string which could potentially execute arbitrary JavaScript code in the their own browser Self XSS. A...

4.8CVSS0.00329EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2023/08/16 11:12 a.m.34 views

Guide: How Google Workspace-based Organizations can leverage Chrome to improve Security

More and more organizations are choosing Google Workspace as their default employee toolset of choice. But despite the productivity advantages, this organizational action also incurs a new security debt. Security teams now have to find a way to adjust their security architecture to this new cloud...

6.6AI score
Exploits0
Rows per page
Query Builder