GHSA-QJ3P-XC97-XW74 MetaMask SDK indirectly exposed via malicious [email protected] dependency

Who is affected? This advisory only applies to developers who use MetaMask SDK in the browser and who, on Sept 8th 2025 between 13:00–15:30 UTC, performed one of the following actions and then deployed their application: - Installed MetaMask SDK into a project with a lockfile for the first time -...

MetaMask SDK indirectly exposed via malicious [email protected] dependency

Who is affected? This advisory only applies to developers who use MetaMask SDK in the browser and who, on Sept 8th 2025 between 13:00–15:30 UTC, performed one of the following actions and then deployed their application: - Installed MetaMask SDK into a project with a lockfile for the first time -...

WordPress AutomatorWP plugin <= 5.3.6 - Missing Authorization To Authenticated (Subscriber+) Remote Code Execution via Automation Creation vulnerability

Missing Authorization To Authenticated Subscriber+ Remote Code Execution via Automation Creation vulnerability discovered by stealthcopter in WordPress Plugin AutomatorWP versions = 5.3.6...

songallergy.com Cross Site Scripting vulnerability OBB-3657085

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

smileforeverwa.com Cross Site Scripting vulnerability OBB-3656866

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

167,000 stolen credit card numbers Exposed via PoS Malware

By Waqas The campaign was discovered in April 2022, but researchers believe the campaign occurred between February 2021 and September 8, 2022. This is a post from HackRead.com Read the original post: 167,000 stolen credit card numbers Exposed via PoS Malware...

CISA wants you to patch these actively exploited vulnerabilities before September 8

On Thursday, CISA the US Cybersecurity and Infrastructure Security Agency updated its catalog of actively exploited vulnerabilities by adding seven new entries. These flaws were found in Apple, Google, Microsoft, Palo Alto Networks, and SAP products. CISA set the due date for everyone to patch th...

diariooficial.itajuba.mg.gov.br Cross Site Scripting vulnerability OBB-2136072

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

bansaltrading.com Cross Site Scripting vulnerability OBB-2135841

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

bubblemerchant.com Cross Site Scripting vulnerability OBB-2135818

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

oeffnungszeiten-firmen.de Cross Site Scripting vulnerability OBB-1314626

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

solid-perfection.com Cross Site Scripting vulnerability OBB-1314521

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

tapleycolor.com Cross Site Scripting vulnerability OBB-1314328

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Description of the security update for the remote code execution vulnerability in Microsoft Visual Studio 2015 Update 3: September 8, 2020

Description of the security update for the remote code execution vulnerability in Microsoft Visual Studio 2015 Update 3: September 8, 2020 Applies to: All Visual Studio 2015 Update 3 editions except Isolated and Integrated Shells, Build Tools, Remote Tools, and Express for Web Notice In November...

Servicing stack update for Windows 10, version 1903 and 1909: September 8, 2020

Servicing stack update for Windows 10, version 1903 and 1909: September 8, 2020 Applies to Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 fo...

September 8, 2020-KB4576484 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1903, Windows Server 1903 RTM, Windows 10, version 1909 and Windows Server, version 1909

September 8, 2020-KB4576484 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1903, Windows Server 1903 RTM, Windows 10, version 1909 and Windows Server, version 1909 Release Date: September 8, 2020 Version: .NET Framework 3.5 and 4.8 Summary ClickOnce will no longer downloa...

Threat Outbreak Alert RuleID30539: Email Messages Distributing Malicious Software on September 8, 2017

Medium Alert ID: 55156 First Published: 2017 September 8 13:46 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID30539 may contain the following files: Name |...

Threat Outbreak Alert RuleID30536: Email Messages Distributing Malicious Software on September 8, 2017

Medium Alert ID: 55155 First Published: 2017 September 8 13:46 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID30536 may contain the following files: Name |...

Threat Outbreak Alert RuleID30540: Email Messages Distributing Malicious Software on September 8, 2017

Medium Alert ID: 55157 First Published: 2017 September 8 13:41 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID30540 may contain the following files: Name |...

CVE-2017-12611

creationtimestamp| type| source ---|---|--- 2017-09-08 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/44556 2021-08-25 13:22:18+00:00| seen| https://t.me/truesecator/2035 2023-11-17 10:23:53+00:00| seen| https://t.me/arpsyndicate/256 2025-09-24 13:49:18+00:00|...