4 matches found
PT-2026-46985
Name of the Vulnerable Software and Affected Versions vantage6 versions prior to 5.0.0 Description Users can reset their Multi-Factor Authentication MFA token through API routes that trigger email notifications. Because there is no limit on the number of emails that can be sent, an attacker could...
Malicious code in @nolimit-x/win32-x64 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 343787b335da015be56f49d118534c54bf81abab9e53b40bec0114d23bcc95c7 Package ships a single 8.1 MB Windows PE nolimit-core.exe as its main entry with only the description 'nolimit-x native binary for Windows x64' — no...
CVE-2025-40753
Affected devices POWER METER SICAM Q100 (versions 2.60–2.61) and Q200 (versions 2.70–2.79) export the SMTP password in plain text within the Configuration File. This local-authenticated exposure allows an attacker with access to the device to extract credentials and abuse the configured SMTP serv...
Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials
The U.S. Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI warned that threat actors deploying the AndroxGh0st malware are creating a botnet for "victim identification and exploitation in target networks." A Python-based malware, AndroxGh0st was fir...