Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks

A Chinese national accused of being a member of the Silk Typhoon hacking group has been extradited to the U.S. from Italy. Xu Zewei, 34, was arrested in July 2025 by Italian authorities for his alleged links to the Chinese state-sponsored threat group and for orchestrating cyber attacks against...

Information Leakage Vulnerability in E3 Omni-Channel Central Platform of Shanghai Esaote Software Co.

E3 Omni-Channel Middle is an omni-channel new retail solution product for medium and large enterprises. Ltd. E3 Omni-Channel Middleware suffers from an information leakage vulnerability that can be exploited by attackers to obtain sensitive information...

SQL Injection Vulnerability in RB Enterprise Management System of Shanghai Ruifang Technology Co.

RB Enterprise Management System is a zero-code, open source and free enterprise management system. RB Enterprise Management System of Shanghai Ruifang Technology Co., Ltd. suffers from SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the databa...

EUVD-2017-18594

Malware in sbrugna...

EUVD-2016-1326

Malware in sbrugna...

EUVD-2018-3013

Malware in sbrugna...

EUVD-2017-4234

Malware in sbrugna...

EUVD-2018-2497

Malware in sbrugna...

EUVD-2006-0231

Malware in sbrugna...

EUVD-2018-2786

Malware in sbrugna...

EUVD-2023-58110

Malicious code in bioql PyPI...

EUVD-2025-23221

Malicious code in bioql PyPI...

EUVD-2024-44125

Malicious code in bioql PyPI...

PT-2025-36770

Name of the Vulnerable Software and Affected Versions: Lingdang CRM versions through 8.6.5.4 Description: A server-side request forgery SSRF issue exists in Shanghai Lingdang Information Technology Lingdang CRM. The vulnerability is due to the manipulation of the corpurl argument within an unknow...

CVE-2025-9140

A vulnerability was identified in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.4.7. Affected by this issue is some unknown functionality of the file /crm/crmapi/erp/tabdetailmoduleSave.php. The manipulation of the argument getvaluestring leads to sql injection. It is possible t...

PT-2025-33625 · Unknown · Developer Tools

Name of the Vulnerable Software and Affected Versions: Developer Tools affected versions not specified Description: A missing input verification flaw exists in Developer Tools. This issue could allow for local escalation of privilege without requiring additional execution privileges...

Unauthorized Access Vulnerability in NPort 5410 of Mosaic Technology (Shanghai) Co.

The NPort 5410 is an industrial-grade serial communication processor, mainly used to connect traditional serial devices to the network for remote management and monitoring. An unauthorized access vulnerability exists in the NPort 5410 of Mosaic Technology Shanghai Co. Ltd, which can be exploited ...

Logic Flaw Vulnerability in Operation and Maintenance Management Audit System of Shanghai Shangxun Information Technology Co.

Founded in December 2010, Shanghai SinoCom-ArtM Information Technology Co., Ltd hereinafter referred to as "SinoCom-ArtM" is one of the leading providers of IT intelligent security operation and maintenance, data governance, security services and other fields in China. A logic flaw exists in the...

Unauthorized Access Vulnerability in ioLogik E1210-T of Mosaic Technology (Shanghai) Co.

The ioLogik E1210-T is an industrial Ethernet module. Mosaic Technology Shanghai Co. ioLogik E1210-T suffers from an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information...

Unauthorized Access Vulnerability in ioLogik E1210 of Mosaic Technology (Shanghai) Co.

The ioLogik E1210 is an Ethernet I/O module that supports daisy-chain topology and is mainly used in industrial automation and device monitoring scenarios. Mosa Technologies Shanghai Co. ioLogik E1210 suffers from an unauthorized access vulnerability, which can be exploited by attackers to obtain...