23 matches found
Scammers are still sending us their fake Robinhood security alerts
A short while ago, our friends at Malwaretips wrote about a text scam impersonating Robinhood, a popular US-based investment app that lets people trade stocks and cryptocurrencies. The scam warns users about supposed “suspicious activity” on their accounts. As if to demonstrate that this phishing...
EUVD-2000-1140
Malware in sbrugna...
EUVD-2000-1139
Malware in sbrugna...
MAL-2025-5277 Malicious code in robinhood-internal-utils (npm)
The package communicates with a domain associated with malicious activity. Source: ossf-package-analysis 5350c4af558b6036e996982e7ac060be1ac0516b91dfd7b983a5c0b5d76270ec The OpenSSF Package Analysis project identified...
Malicious code in robinhood-internal-utils (npm)
The package communicates with a domain associated with malicious activity. Source: ossf-package-analysis 5350c4af558b6036e996982e7ac060be1ac0516b91dfd7b983a5c0b5d76270ec The OpenSSF Package Analysis project identified...
CLSA-2025-1740824456 mysql: Fix of 49 CVEs
Update to MySQL 8.0.41 - CVEs fixed: CVE-2024-5535 CVE-2024-7264 CVE-2024-11053 CVE-2024-21193 CVE-2024-21194 CVE-2024-21196 CVE-2024-21197 CVE-2024-21198 CVE-2024-21199 CVE-2024-21201 CVE-2024-21203 CVE-2024-21212 CVE-2024-21213 CVE-2024-21218 CVE-2024-21219 CVE-2024-21230 CVE-2024-21231...
robinhood-stamp.co.uk Cross Site Scripting vulnerability OBB-3936607
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
The evolution of the Kuiper ransomware
Kuiper Ransomware’s Evolution. By Trellix · January 17, 2024. This blog was written by Max Kersten. The Golang-based Kuiper ransomware is presented as an opportunity for other criminals to make money by ransoming one or more targets. Additionally, RobinHood, the actor behind Kuiper, states that help...
Robinhood Data Breach – Hackers access millions of users’ data
By Waqas. Robinhood data breach involved social engineering attack in which hackers somehow managed to gain access to the company's support system. This is a post from HackRead.com. Read the original post: Robinhood Data Breach - Hackers access millions of users data...
Robinhood Trading Platform Data Breach Hits 7M Customers
Investor trading app company Robinhood Markets has confirmed a data breach that affects the personal information of about 7 million customers – roughly a third of its user base. A cyberattacker made off with emails and more, which could lead to follow-on attacks for Robinhood customers. The tradi...
Robinhood Trading App Suffers Data Breach Exposing 7 Million Users' Information
Robinhood on Monday disclosed a security breach affecting approximately 7 million customers, roughly a third of its user base, that resulted in unauthorized access of personal information by an unidentified threat actor. The commission-free stock trading and investing platform said the incident...
Robinhood Warns Customers of Tax-Season Phishing Scams
Attackers have targeted customers of stock-trading broker Robinhood with a phishing campaign aimed to steal their credentials and spread malware using fake tax documents, the company has warned. Robinhood, which aims to make it easy for people to trade stocks online but has faced a number of...
Ransomware isn’t just a big city problem
This month, one ransomware story has been making a lot of waves: the attack on Baltimore city networks. This attack has been receiving more press than normal, which could be due to the actions taken or not taken by the city government, as well as rumors about the ransomware infection mechanism...
Robinhood: Open Redirect located at https://www.robinhood.com/oauth2/authorize/?
Robinhood's OAuth2 authorization endpoint allowed arbitrary redirect URIs to be specified. While the actual OAuth2 code was not sent to the third party URI, the user was still redirected to the URI resulting in an open redirect vulnerability. This has since been fixed to show the proper error...
Robinhood: httponly flag not set + csrftoken in url
INFORMATION: Hello, I was looking into and found something interesting. I found that the httponly flag is not set, which is really harmful because the httponly flag acts as a filter to stop client-side script attacks like XSS or session hijacking. So the csrftoken has no httponly flag at...
Joe Kloss RobinHood 1.1 - Buffer Overflow Vulnerability
No description provided by source. Source: http://www.securityfocus.com/bid/1944/info RobinHood is an HTTP/1.1 web server based upon libHTTP and is designed for the BeOS platform. Improper bounds checking exists in code that handles requests RHCWindow.cpp and RHLogger.cpp. The components RHConsol...
CVE-2000-1155
RHDaemon in RobinHood 1.1 web server in BeOS r5 pro and earlier allows remote attackers to cause a denial of service via long HTTP request...
CVE-2000-1154
RHConsole in RobinHood 1.1 web server in BeOS r5 pro and earlier allows remote attackers to cause a denial of service via long HTTP request...
CVE-2000-1155
The CVE-2000-1155 entry affects the RHDaemon component of the RobinHood 1.1 web server running on BeOS R5 Pro and earlier. The root cause is a crafted, long HTTP request that can cause a denial of service. Public details across connected sources confirm the affected product/version and the vulner...