Lucene search
K

11 matches found

The Hacker News
The Hacker News
added 2026/03/18 5:26 p.m.8 views

OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs

The U.S. Department of the Treasury's Office of Foreign Assets Control OFAC has sanctioned six individuals and two entities for their involvement in the Democratic People's Republic of Korea DPRK information technology IT worker scheme with an aim to defraud U.S. businesses and generate illicit...

6.1AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-1000

Malicious code in bioql PyPI...

5.5CVSS5.6AI score0.00206EPSS
Exploits0References5
Microsoft Secure
Microsoft Secure
added 2025/06/30 7:17 p.m.142 views

Jasper Sleet: North Korean remote IT workers’ evolving tactics to infiltrate organizations

Since 2024, Microsoft Threat Intelligence has observed remote information technology IT workers deployed by North Korea leveraging AI to improve the scale and sophistication of their operations, steal data, and generate revenue for the Democratic People’s Republic of Korea DPRK. Among the changes...

7AI score
Exploits0
HackRead
HackRead
added 2025/05/14 4:45 p.m.18 views

North Korean Hackers Stole $88M by Posing as US Tech Workers

Flashpoint uncovers how North Korean hackers used fake identities to secure remote IT jobs in the US, siphoning…...

7.3AI score
Exploits0
OSV
OSV
added 2023/04/02 9:30 p.m.16 views

GHSA-58CH-C2JF-5G23 Jenkins remote-jobs-view-plugin vulnerable to XML external entity attacks

Jenkins remote-jobs-view-plugin Plugin 0.0.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows authenticated attackers with Overall/Read permission to have Jenkins parse a crafted XML document that uses external entities for extraction of secret...

7.1CVSS6.4AI score0.00715EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2023/04/02 9:30 p.m.22 views

Jenkins remote-jobs-view-plugin vulnerable to XML external entity attacks

Jenkins remote-jobs-view-plugin Plugin 0.0.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows authenticated attackers with Overall/Read permission to have Jenkins parse a crafted XML document that uses external entities for extraction of secret...

6.5CVSS6.5AI score0.00715EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/04/02 9:15 p.m.19 views

Xxe

Jenkins remote-jobs-view-plugin Plugin 0.0.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

4CVSS6.4AI score0.00715EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/03/23 11:26 a.m.25 views

CVE-2023-28684

Jenkins remote-jobs-view-plugin Plugin 0.0.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

6.9AI score0.00715EPSS
Exploits0References1
CVE
CVE
added 2023/03/23 11:26 a.m.244 views

CVE-2023-28684

CVE-2023-28684 affects Jenkins’ remote-jobs-view-plugin (versions 0.0.3 and earlier). The root cause is an XML parser not configured to prevent XML external entity (XXE) attacks. This vulnerability can be exploited by authenticated attackers with Overall/Read permission to have Jenkins parse craf...

6.5CVSS6.3AI score0.00715EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/03/23 12:0 a.m.4 views

Jenkins Plugins remote-jobs-view-plugin 代码问题漏洞

Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins Plugins remote-jobs-view-plugin 0.0.3 and earlier versions that stems from not...

6.5CVSS6.5AI score0.00715EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/03/23 12:0 a.m.4 views

PT-2023-21903 · Jenkins · Jenkins Remote-Jobs-View-Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins remote-jobs-view-plugin Plugin versions 0.0.3 and earlier Description: The issue is related to the XML parser not being configured to prevent XML external entity XXE attacks. This allows authenticated attackers with Overall/Read...

6.5CVSS6.4AI score0.00715EPSS
Exploits0References8
Rows per page
Query Builder