42 matches found
EUVD-2007-1176
Malware in sbrugna...
EUVD-2018-13393
Malware in sbrugna...
EUVD-2006-0122
Malware in sbrugna...
EUVD-2000-0989
Malware in sbrugna...
CVE-2025-49583
XWiki (platform) vulnerability CVE-2025-49583 involves a user without script-right creating a document containing an XWiki.Notifications.Code.NotificationEmailRendererClass object. When an admin later edits and saves that document, the email templates in this object are used for notifications. Th...
CVE-2025-47779
Asterisk is an open-source private branch exchange PBX. Prior to versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk, SIP requests of the type MESSAGE RFC 3428 authentication do not get proper alignment. An authenticated attacker...
Spammers abuse Google Forms’ quiz to deliver scams
Spammers are exploiting the "Release scores" feature of Google Forms quizzes to deliver email. The emails originate from Googles own servers and consequently may have an easier time bypassing anti-spam protections and finding the victims inbox. Volumes of these messages hovered near noise levels...
SUSE CVE-2015-5331
Moodle 2.9.x before 2.9.3 does not properly check the contact list before authorizing message transmission, which allows remote authenticated users to bypass intended access restrictions and conduct spam attacks via the messaging API...
Moodle improper access control
Moodle 2.9.x before 2.9.3 does not properly check the contact list before authorizing message transmission, which allows remote authenticated users to bypass intended access restrictions and conduct spam attacks via the messaging API...
GHSA-M7CC-6VHG-39WR Moodle improper access control
Moodle 2.9.x before 2.9.3 does not properly check the contact list before authorizing message transmission, which allows remote authenticated users to bypass intended access restrictions and conduct spam attacks via the messaging API...
New Study Warns of Security Threats Linked to Recycled Phone Numbers
A new academic study has highlighted a number of privacy and security pitfalls associated with recycling mobile phone numbers that could be abused to stage a variety of exploits, including account takeovers, conduct phishing and spam attacks, and even prevent victims from signing up for online...
2020 Ends With A Bang
December 2020 was an eventful month in cyber security. This blog recaps three of the major security events we saw towards the end of last year. December began with FireEye’s breach announcement that included a leak of its red team tools arsenal. Quickly after this announcement, Imperva Threat...
'Double Extortion' Ransomware Attacks Spike
Victims of ransomware attacks now face a double whammy of headaches. Cybercriminals are increasingly inflicting more pain on ransomware victims by threatening to leak compromised data or use it in future spam attacks, if ransom demands aren’t met. The ransomware tactic, call “double extortion,”...
CVE-2018-20853
An issue was discovered in the MailPoet Newsletters aka wysija-newsletters plugin before 2.8.2 for WordPress. The plugin is vulnerable to SPAM attacks...
CVE-2018-20853
An issue was discovered in the MailPoet Newsletters aka wysija-newsletters plugin before 2.8.2 for WordPress. The plugin is vulnerable to SPAM attacks...
Design/Logic Flaw
An issue was discovered in the MailPoet Newsletters aka wysija-newsletters plugin before 2.8.2 for WordPress. The plugin is vulnerable to SPAM attacks...
CVE-2018-20853
An issue was discovered in the MailPoet Newsletters aka wysija-newsletters plugin before 2.8.2 for WordPress. The plugin is vulnerable to SPAM attacks...
CVE-2018-20853
Technical details for CVE-2018-20853 are not publicly available in the provided documents. Monitor for updates from vendor and security advisories.
Malicious PHP Script Infects 2,400 Websites in the Past Week
A botnet dubbed Brain Food is giving webmasters indigestion with related attacks that push bogus diet pills and IQ-boosting pills via web pages hosted on legitimate sites. So far, spammers have been successful, thanks to an effective Hypertext Preprocessor PHP script also called Brain Food that h...
Access Restriction Bypass
Moodle is vulnerable to access restriction bypass. Authenticated attackers can circumvent access restrictions and conduct spam attacks because moodle doesn't correctly check the contact list before the authorization of message transmissions...