8 matches found
CVE-2026-34596
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a Time-of-Check-to-Time-of-Use TOCTOU race condition exists during addon installation. When a user installs an addon through the SandMan interface, UpdUtil.exe is spawned as SYSTEM by...
PT-2026-37231
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a Time-of-Check-to-Time-of-Use TOCTOU race condition exists during addon installation. When a user installs an addon through the SandMan interface, UpdUtil.exe is spawned as SYSTEM by...
The Unseen Thread Linking Sandman APT and KEYPLUG Backdoor
Summary: The Sandman Advanced Persistent Threat APT is closely linked to suspected threat clusters originating from China, specifically identified as Storm-0866, also known as Red Dev 40. Within the same victim environments, the Sandmans Lua-based malware, LuaDream, and the KEYPLUG backdoor have...
Researchers Unmask Sandman APT's Hidden Link to China-Based KEYPLUG Backdoor
Tactical and targeting overlaps have been discovered between the enigmatic advanced persistent threat APT called Sandman and a China-based threat cluster that's known to use a backdoor referred to as KEYPLUG. The assessment comes jointly from SentinelOne, PwC, and the Microsoft Threat Intelligenc...
Sandman APT Strikes the Telecom Sector with the LuaDream Backdoor
Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Sandman APT, an espionage group of unknown origins that surfaced mysteriously in August, is orchestrating a sophisticated campaign aimed squarely at telecommunications providers spanning the Middle East,...
Mysterious 'Sandman' Threat Actor Targets Telecom Providers Across Three Continents
A previously undocumented threat actor dubbed Sandman has been attributed to a set of cyber attacks targeting telecommunication providers in the Middle East, Western Europe, and the South Asian subcontinent. Notably, the intrusions leverage a just-in-time JIT compiler for the Lua programming...
sandman-store.com XSS vulnerability
Open Bug Bounty ID: OBB-654187 Description| Value ---|--- Affected Website:| sandman-store.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
linux/x86 unlink(/etc/passwd) & exit() 35 bytes
Exploit for linux/x86 platform in category shellcode =============================================== linux/x86 unlink/etc/passwd & exit 35 bytes =============================================== Title: linux/x86 unlink/etc/passwd & exit 35 bytes Date: 2009-12-24 Author: sandman Tested on:...