20 matches found
New Phishing Emails Pretend to Offer Jobs to Steal Facebook Logins
Sublime Security warns of a massive credential phishing scam using fake job offers from brands like KFC and Red Bull to steal Facebook login details. Don't fall for the trap...
EUVD-2023-33028
Malicious code in bioql PyPI...
MAL-2025-5455 Malicious code in red-bull-venue-tools (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in red-bull-venue-tools (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b5fe5829b1fbc9d863be9bad876998565a13ebc95fecc9ccc5600f92ecd423b package.json declares preinstall=node index.js, which fires automatically ...
CVE-2023-29459
The laola.redbull application through 5.1.9-R for Android exposes the exported activity at.redbullsalzburg.android.AppMode.Default.Splash.SplashActivity, which accepts a data: URI. The target of this URI is subsequently loaded into the application's webview, thus allowing the loading of arbitrary...
FC Red Bull Salzburg App 5.1.9-R Improper Authorization
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: FC Red Bull Salzburg App Vendor URL: https://play.google.com/store/apps/details?id=laola.redbull Type: Improper Authorization in Handler for Custom URL Scheme CWE-939 Date found: 2023-04-06...
Malicious code in red-bull-global-onboarding (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4fc2cabc6b5fc2953eeef7d540efd8cffef5aae91d5ec54c33eee91305b7007a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5719 Malicious code in red-bull-global-onboarding (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4fc2cabc6b5fc2953eeef7d540efd8cffef5aae91d5ec54c33eee91305b7007a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Performance-testing the Google I/O site
I've been looking at the performance of F1 websites recently, but before I dig into the last couple of teams, I figured I'd look a little closer to home, and dig into the Google I/O website. 1. Part 1: Methodology & Alpha Tauri 2. Part 2: Alfa Romeo 3. Part 3: Red Bull 4. Part 4: Williams 5. Part...
Who has the fastest F1 website in 2021? Part 3
I once spent an hour creating an F1 lights-out reaction test which went viral and was even played by F1 drivers. That sounds like a brag, and it kinda is, but now whenever I pour days or even weeks of work into something, it just seems so inefficient compared to that time I spent an hour on...
Who has the fastest F1 website in 2021? Part 2
Ohhh, you've come back for more? Excellent. I was worried it was just going to be me sat here, typing to myself. This is part 2 in a multi-part series looking at the loading performance of F1 websites. Not interested in F1? It shouldn't matter. This is just a performance review of 10...
Red Bull Free Skiing - Base64 encoded String, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities
HackApp vulnerability scanner discovered that application Red Bull Free Skiing published at the 'play' market has multiple vulnerabilities...
Red Bull Racers - Customized SSL, Redefined SSL Common Names verifier, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Red Bull Racers published at the 'play' market has multiple vulnerabilities...
Red Bull Air Race The Game - Base64 encoded String, Customized SSL, Redefined SSL Common Names verifier vulnerabilities
HackApp vulnerability scanner discovered that application Red Bull Air Race The Game published at the 'play' market has multiple vulnerabilities...
Red Bull TV - Customized SSL, Dynamic Code Loading, Exported components vulnerabilities
HackApp vulnerability scanner discovered that application Red Bull TV published at the 'play' market has multiple vulnerabilities...
Red Bull Alert | Alarm clock - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities
HackApp vulnerability scanner discovered that application Red Bull Alert | Alarm clock published at the 'play' market has multiple vulnerabilities...
Red Bull Wallpapers - Customized SSL, Redefined SSL Common Names verifier vulnerabilities
HackApp vulnerability scanner discovered that application Red Bull Wallpapers published at the 'play' market has multiple vulnerabilities...
flugtagglasaj.redbull.com XSS vulnerability
Open Bug Bounty ID: OBB-123771 Description| Value ---|--- Affected Website:| flugtagglasaj.redbull.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Preventi...
jobs.redbull.com XSS vulnerability
Vulnerable URL: http://jobs.redbull.com/int/en/results?region=2044=%3Cobject%20data=%22javascript:alert%28%27XSSPOSED%27%29%22%3E Details: Description| Value ---|--- Patched:| Yes, at 04.10.2017 Latest check for patch:| 04.10.2017 09:47 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...
Threat Outbreak Alert: Fake Employment Opportunity Notification Email Messages on February 10, 2014
Medium Alert ID: 32793 First Published: 2014 February 10 18:52 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain an employment opportunity from Red Bull for the recipient. The text in the email message attempts to convince...