Lucene search
K

126 matches found

Malwarebytes
Malwarebytes
added 2026/03/17 4:10 p.m.5 views

Fake Pudgy World site steals your crypto passwords

A phishing site impersonating the newly-launched Pudgy World browser game is targeting crypto users with a technique that goes well beyond a convincing logo and matching color scheme. Pudgy World is a free-to-play browser game built around the Pudgy Penguins NFT brand. Players explore a virtual...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/21 6:40 a.m.7 views

LastPass Warns of Fake Maintenance Messages Targeting Users' Master Passwords

LastPass is alerting users to a new active phishing campaign that's impersonating the password management service, which aims to trick users into giving up their master passwords. The campaign, which began on or around January 19, 2026, involves sending phishing emails claiming upcoming maintenan...

5.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 8 : thunderbird-115.7.0-1.el8_9.ML.1 (AXSA:2024-7501:04)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7501:04 advisory. Mozilla: Out of bounds write in ANGLE CVE-2024-0741 Mozilla: Failure to update user input timestamp CVE-2024-0742 Mozilla: Crash when listing printe...

8.8CVSS8.4AI score0.02155EPSS
Exploits0References10
Malwarebytes
Malwarebytes
added 2026/01/14 3:55 p.m.5 views

Phishing scammers are posting fake “account restricted” comments on LinkedIn

Recently, fake LinkedIn profiles have started posting comment replies claiming that a user has " engaged in activities that are not in compliance" with LinkedIn's policies and that their account has been " temporarily restricted" until they submit an appeal through a specified link in the comment...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 9:15 a.m.11 views

CVE-2022-38705

IBM CICS TX 11.1 Standard and Advanced could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 234172...

6.1CVSS6.5AI score0.00667EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-26096

Malware in sbrugna...

6.1CVSS5.5AI score0.00805EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-25737

Malware in sbrugna...

6.1CVSS5.5AI score0.0086EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-42510

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00521EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-41274

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00667EPSS
Exploits0References3
Malwarebytes
Malwarebytes
added 2025/09/10 12:53 p.m.4 views

Pre-approved GLP-1 prescription scam could be bad for your health

A co-worker received a text which is, unfortunately, becoming more common. The text pretends to come from a doctor and states a weight-loss medication prescription has been approved. “Good morning. This is Dr. Santos. I pre-approved your GLP1 prescription. You may start treatment as of 09/04...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.8 views

TencentOS Server 3: thunderbird (TSSA-2024:0054)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0054 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.8CVSS7.7AI score0.02155EPSS
Exploits0References10
Securelist
Securelist
added 2025/06/11 10:0 a.m.24 views

Toxic trend: Another malware threat targets DeepSeek

Introduction DeepSeek-R1 is one of the most popular LLMs right now. Users of all experience levels look for chatbot websites on search engines, and threat actors have started abusing the popularity of LLMs. We previously reported attacks with malware being spread under the guise of DeepSeek to...

7.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 5:17 a.m.4 views

CVE-2023-38735

IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 262482...

6.5CVSS6.6AI score0.00521EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:1 a.m.17 views

Security Bulletin: IBM OpenPages with Watson has addressed a reverse tabnabbing vulnerability (CVE-2020-4440)

Summary IBM OpenPages with Watson has addressed a reverse tabnabbing vulnerability CVE-2020-4440 Vulnerability Details CVEID:CVE-2020-4440 DESCRIPTION: IBM OpenPages with Watson could allow an authenticated user to replace a target page with a phishing site which could allow the attacker to obtai...

5.8AI score
Exploits0Affected Software1
The Hacker News
The Hacker News
added 2025/01/06 11:10 a.m.10 views

FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices

An Android information stealing malware named FireScam has been found masquerading as a premium version of the Telegram messaging app to steal data and maintain persistent remote control over compromised devices. "Disguised as a fake 'Telegram Premium' app, it is distributed through a...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/08/23 5:33 p.m.27 views

Fake funeral “live stream” scams target grieving users on Facebook

Some scammers have the morals of an alley cat. But some sink even lower. Over the last few months, Malwarebytes Labs has discovered scammers active on Facebook that prey on bereaved people by using stolen images and phony funeral live stream links to steal money and/or credit card details. These...

6.9AI score
Exploits0
Veracode
Veracode
added 2024/06/25 7:29 a.m.14 views

Improper Input Validation

github.com/rancher/rancher is vulnerable to Improper Input Validation. The vulnerability is due to the tampering of the errorMsg parameter, allowing for the display of arbitrary content, filtering tags but not special characters or symbols. This can lead to malicious users to lure legitimate user...

4.7CVSS6.7AI score0.02263EPSS
Exploits1References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/03/04 12:0 a.m.27 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Thunderbird vulnerabilities (USN-6669-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6669-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsin...

8.8CVSS7.5AI score0.02155EPSS
Exploits2References18
Tenable Nessus
Tenable Nessus
added 2024/02/13 12:0 a.m.41 views

CentOS 8 : firefox (CESA-2024:0608)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:0608 advisory. - An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affec...

8.8CVSS7.7AI score0.02155EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2024/02/12 12:0 a.m.45 views

Rocky Linux 8 : firefox (RLSA-2024:0608)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:0608 advisory. - An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affect...

8.8CVSS7.7AI score0.02155EPSS
Exploits0References19
Rows per page
Query Builder