CVE-2025-23862

Missing Authorization vulnerability in SzMake Contact Form 7 Anti Spambot contact-form-7-anti-spambot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form 7 Anti Spambot: from n/a through = 1.0.1...

EUVD-2012-6429

Malware in sbrugna...

SpamSpan filter - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-016

This module enables your site to obfuscate Email addresses and prevent spambots to collect them. The module doesn't sanitize HTML data attributes when an email address link is transformed to separate span HTML elements and then transformed back by JavaScript leading to a Cross Site Scripting XSS...

WordPress Contact Form 7 Anti Spambot plugin <= 1.0.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika in WordPress Plugin Contact Form 7 Anti Spambot versions = 1.0.1...

European Authorities Disrupt Emotet — World's Most Dangerous Malware

Law enforcement agencies from as many as eight countries dismantled the infrastructure of Emotet, a notorious email-based Windows malware behind several botnet-driven spam campaigns and ransomware attacks over the past decade. The coordinated takedown of the botnet on Tuesday — dubbed "Operation...

Japan, France, New Zealand Warn of Sudden Uptick in Emotet Trojan Attacks

Cybersecurity agencies across Asia and Europe have issued multiple security alerts regarding the resurgence of email-based Emotet malware attacks targeting businesses in France, Japan, and New Zealand. "The emails contain malicious attachments or links that the receiver is encouraged to download,...

Japan, France, New Zealand Warn of Sudden Uptick in Emotet Trojan Attacks

Cybersecurity agencies across Asia and Europe have issued multiple security alerts regarding the resurgence of email-based Emotet malware attacks targeting businesses in France, Japan, and New Zealand. "The emails contain malicious attachments or links that the receiver is encouraged to download,...

Anti-Spam by CleanTalk - Critical - Cross site scripting and SQL Injection - SA-CONTRIB-2019-010

Anti-spam module by CleanTalk to protect your Drupal sites from spambot registration and spam comments publications thru comment and contact forms. This module does not sufficiently filter submitted content in certain circumstances...

Victims Lose Access to Thousands of Photos as Instagram Hack Spreads

An Instagram hack is spreading across the internet, with increasing numbers of victims finding their accounts hijacked and personal details altered — and account recovery so far impossible. Starting in the beginning of the month, people started experiencing random log-outs on their accounts; from...

A WordPress SPAMbot Wants You to Bet on the 2018 FIFA World Cup

Our researchers recently picked up on a spike in SPAM activity directed at sites powered by WordPress, which, naturally, led them to take a closer look. Turns out the attack was launched by a botnet and implemented in the form of comment SPAM - meaningless, generic text generated from a template...

Creative Spam Thinks Outside the Macro with .IQY Attachments

The Necurs botnet is driving a fresh spam campaign that uses Excel Web Query .IQY file attachments to skim under the antivirus radar. If successful, the attack ultimately delivers the remote access trojan RAT known as FlawedAmmyy. This is the third wave in an offensive that started in late May. T...

On the Onliner Spambot, WireX, and Sarahah

Mike Mimoso and Chris Brook discuss the news of the week, including the Onliner spambot, Google’s forthcoming Not Secure warnings for Chrome, the WireX botnet, Sarahah privacy and more. Download: ThreatpostNewsWrapSeptember12017.mp3 Music by Chris Gonsalves Show notes: Google Reminding Admins HTT...

Spambot Contains 'Mind-Boggling' Amount of Email, SMTP Credentials

Researchers have managed to penetrate a spam bot and uncover a massive list of 711 million records that includes email addresses, email and password combinations some in cleartext, and SMTP credentials and configuration files. Troy Hunt who runs the Have I Been Pwned service called it a...

Onliner Spambot dump exposes 711 Million email and passwords

By Waqas The year 2017 has already been the year for some This is a post from HackRead.com Read the original post: Onliner Spambot dump exposes 711 Million email and passwords...

Over 711 Million Email Addresses Exposed From SpamBot Server

A massive database of 630 million email addresses used by a spambot to send large amounts of spam to has been published online in what appears to be one of the biggest data dumps of its kind. A French security researcher, who uses online handle Benkow, has spotted the database on an "open and...

TrickBot Banking Trojan Could Be Dyre Rewrite

Despite the fact that the criminals allegedly behind the creation and distribution of the Dyre banking Trojan are in a Russian jail, a new piece of malware in the wild has enough similarities to Dyre that researchers are wondering whether there’s a connection. The new malware is called TrickBot a...

Malicious Google DoubleClick Advertisements Distributed Malware to Millions of Computers

Cyber criminals have exploited the power of two online advertising networks, Google's DoubleClick and popular Zedo advertising agency, to deliver malicious advertisements to millions of internet users that could install malware on a user's computer. A recent report published by the researcher of...

Critroni - File Encrypting Ransomware out in the Wild

A new ransomware from the Crypto-Ransomware family has been detected by the security researcher, which is being sold in different underground forums from the last month and recently included in the Angler exploit kit. The latest ransomware, given the name “Critroni”, includes a number of odd...

Critroni Crypto Ransomware Seen Using Tor for Command and Control

There’s a new kid on the crypto ransomware block, known as Critroni, that’s been sold in underground forums for the last month or so and is now being dropped by the Angler exploit kit. The ransomware includes a number of unusual features and researchers say it’s the first crypto ransomware seen...

Cutwail-Like Wigon.PH_44 Trojan Sends Spam, Steals Data

A new spambot has been discovered that generates copious amounts of HTTP POST and GET requests in an attempt to disguise what it’s really up to and throw off the scent of detection capabilities. “In this case, it seems like it’s trying to hide impactful communication where there are actual payloa...