5 matches found
Fake Google and Cloudflare verification pages spread multiple malware families
Updated July 6 to add connections with SyncTDS and TrafficTDS ClickFix attacks, which trick people into running malicious commands themselves, continue to evolve. This latest campaign uses fake Google and Cloudflare verification pages to convince victims to infect their own devices. A single...
Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS
Cybersecurity researchers have flagged a large-scale operation that impersonates open-source and freeware projects to funnel unsuspecting users through a Traffic Distribution System TDS and deliver malware families like Remus Stealer, AnimateClipper, and the SessionGate framework. "The sites are...
CVE-2025-23876
CVE-2025-23876 is a stored XSS in the WordPress plugin WP krpano (Jens Remus) affecting WP krpano versions up to 1.2.1. The Red Hat entry reaffirms: “Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability” that affects WP krpano from n/a through 1.2.1. ...
CVE-2025-23876 WordPress WP krpano plugin <= 1.2.1 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in No-Nonsense WP krpano wp-krpano allows Stored XSS.This issue affects WP krpano: from n/a through = 1.2.1...
Fedora 22 : xen-4.5.1-5.fc22 (2015-12657)
QEMU heap overflow flaw while processing certain ATAPI commands. XSA-138, CVE-2015-5154 1247142 try again to fix xen-qemu-dom0-disk-backend.service 1242246 correct qemu location in xen-qemu-dom0-disk-backend.service 1242246, rebuild efi grub.cfg if it is present 1239309, re-enable remus by buildi...