Microsoft Detects "SesameOp" Backdoor Using OpenAI's API as a Stealth Command Channel

Microsoft has disclosed details of a novel backdoor dubbed SesameOp that uses OpenAI Assistants Application Programming Interface API for command-and-control C2 communications. "Instead of relying on more traditional methods, the threat actor behind this backdoor abuses OpenAI as a C2 channel as ...

SesameOp: Novel backdoor uses OpenAI Assistants API for command and control

Microsoft Incident Response – Detection and Response Team DART researchers uncovered a new backdoor that is notable for its novel use of the OpenAI Assistants Application Programming Interface API as a mechanism for command-and-control C2 communications. Instead of relying on more traditional...

Russian Hackers Target Ukrainian Organizations Using Stealthy Living-Off-the-Land Tactics

Organizations in Ukraine have been targeted by threat actors of Russian origin with an aim to siphon sensitive data and maintain persistent access to compromised networks. The activity, according to a new report from the Symantec and Carbon Black Threat Hunter Team, targeted a large business...

Wordpress Plugin Medcity 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

EUVD-2025-35025

Document Management System developed by Excellent Infotek has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

CVE-2025-11675

Enterprise Cloud Database developed by Ragic has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

CVE-2025-11675 Ragic｜Enterprise Cloud Database - Arbitrary File Upload

Enterprise Cloud Database developed by Ragic has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

CVE-2025-11675

CVE-2025-11675 affects Ragic’s Enterprise Cloud Database. The connected sources describe an Arbitrary File Upload vulnerability that lets privileged remote attackers upload and execute web shell backdoors, enabling arbitrary code execution on the server. The reports consistently name the affected...

PT-2025-41775

Name of the Vulnerable Software and Affected Versions Ragic Enterprise Cloud Database affected versions not specified Description The Enterprise Cloud Database developed by Ragic has an Arbitrary File Upload issue. This allows remote attackers with specific privileges to upload and execute web...

Vlang-Pentest-Framework

🔥 Vlang Pentest Framework ██╗ ██╗██████╗ ███████╗███╗...

CVE-2025-35055 Newforma Info Exchange (NIX) insecure file upload

Newforma Info Exchange NIX '/UserWeb/Common/UploadBlueimp.ashx' allows an authenticated attacker to upload an arbitrary file to any location writable by the NIX application. An attacker can upload and run a web shell or other content executable by the web server. An attacker can also delete...

FlowiseAI/Flosise has File Upload vulnerability

Summary A file upload vulnerability in FlowiseAI allows authenticated users to upload arbitrary files without proper validation. This enables attackers to persistently store malicious Node.js web shells on the server, potentially leading to Remote Code Execution RCE. Details The system fails to...

GHSA-35G6-RRW3-V6XC FlowiseAI/Flosise has File Upload vulnerability

Summary A file upload vulnerability in FlowiseAI allows authenticated users to upload arbitrary files without proper validation. This enables attackers to persistently store malicious Node.js web shells on the server, potentially leading to Remote Code Execution RCE. Details The system fails to...

CVE-2025-61687

Flowise is a drag & drop user interface to build a customized large language model flow. A file upload vulnerability in version 3.0.7 of FlowiseAI allows authenticated users to upload arbitrary files without proper validation. This enables attackers to persistently store malicious Node.js web...

Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks

CrowdStrike on Monday said it's attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite with moderate confidence to a threat actor it tracks as Graceful Spider aka Cl0p, and that the first known exploitation occurred on August 9, 2025. The malicious activity...

EUVD-2020-21327

Malware in sbrugna...

CVE-2025-61687

Flowise is a drag & drop user interface to build a customized large language model flow. A file upload vulnerability in version 3.0.7 of FlowiseAI allows authenticated users to upload arbitrary files without proper validation. This enables attackers to persistently store malicious Node.js web...

CVE-2025-61687 FlowiseAI/Flosise has File Upload vulnerability

Flowise is a drag & drop user interface to build a customized large language model flow. A file upload vulnerability in version 3.0.7 of FlowiseAI allows authenticated users to upload arbitrary files without proper validation. This enables attackers to persistently store malicious Node.js web...

CVE-2025-61687 FlowiseAI/Flosise has File Upload vulnerability

Flowise is a drag & drop user interface to build a customized large language model flow. A file upload vulnerability in version 3.0.7 of FlowiseAI allows authenticated users to upload arbitrary files without proper validation. This enables attackers to persistently store malicious Node.js web...

CVE-2025-61687

CVE-2025-61687 pertains to FlowiseAI/Flowise 3.0.7, where a file upload vulnerability allows authenticated users to upload arbitrary files without validating extensions, MIME types, or content. The flaw enables persistent storage of malicious Node.js web shells on the server, exposing HTTP endpoi...