CVE-2025-12842

The Booking Plugin for WordPress Appointments – Time Slot plugin for WordPress is vulnerable to unauthorized email sending in versions up to, and including, 1.4.7 due to missing validation on the tslotapptemail AJAX action. This makes it possible for unauthenticated attackers to send appointment...

The chronicles of Emotet

More than six years have passed since the banking Trojan Emotet was first detected. During this time it has repeatedly mutated, changed direction, acquired partners, picked up modules, and generally been the cause of high-profile incidents and multimillion-dollar losses. The malware is still in...

Someone Hijacks A Popular Chrome Extension to Push Malware

Phishers have recently hacked an extension for Google Chrome after compromising the Chrome Web Store account of German developer team a9t9 software and abused to distribute spam messages to unsuspecting users. Dubbed Copyfish, the extension allows users to extract text from images, PDF documents...

Threat Outbreak Alert RuleID28500: Email Messages Distributing Malicious Software on March 28, 2017

Medium Alert ID: 53193 First Published: 2017 March 28 13:29 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID28500 may contain the following files: Name | Si...

Threat Outbreak Alert RuleID27012: Email Messages Distributing Malicious Software on December 22, 2016

Medium Alert ID: 52210 First Published: 2016 December 22 16:39 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID27012 may contain the following files: Name |...

Sitecom Home Storage Center Directory Traversal

Security Advisory AA-004: Directory Traversal Vulnerability in Sitecom Home Storage Center Severity Rating: High Discovery Date: July 29, 2012 Vendor Notification: July 30, 2012 Disclosure Date: September 3, 2012 Vulnerability Type= Directory Traversal Impact= - System Access - Exposure of...

Conceptronic GrabnGo and Sitecom Storage Center - Password Disclosure

Conceptronic GrabnGo and Sitecom Storage Center - Password Disclosure Updated to include Sitecom MD-253 and MD254 Minor textual changes == Conceptronic Grab’n’Go and Sitecom Storage Center - Password disclosure Vulnerability - Security Advisory AA-002 Severity Rating: High Discovery Date: May 5,...

Spam Report: USA No Longer The World's Most Obnoxious Nation

For the first time in recent memory, the United States is no longer among the world’s premier spam distributors. In fact, the US isn’t even in the top ten, according to a new report from Kaspersky Lab. The U.S., once a preeminent leader in pushing out spam e-mail now only occasionally appears in...

Mega-D: March, 2010

The takedown of Mega-D, also known as Ozdok, was spearheaded by researchers at anti-botnet firm FireEye. The botnet, a byproduct of PC infections linked to the Mega-D Trojan, comprised tens of thousands of machines and was responsible for sending out a large portion of the spam on the Internet–at...

WordPress Plugin SpamBam - Key Calculation Security Bypass

WordPress Plugin SpamBam - Key Calculation Security Bypass source: https://www.securityfocus.com/bid/27291/info SpamBam is prone to a security-bypass vulnerability because client-accessible data can be used to calculate verification keys. Attackers can exploit this issue to submit arbitrary form...