Lucene search
K

15 matches found

The Hacker News
The Hacker News
added 2025/12/12 2:4 p.m.15 views

New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale

Cybersecurity researchers have documented four new phishing kits named BlackForce, GhostFrame, InboxPrime AI, and Spiderman that are capable of facilitating credential theft at scale. BlackForce, first detected in August 2025, is designed to steal credentials and perform Man-in-the-Browser MitB...

7.5AI score
Exploits0
HackRead
HackRead
added 2025/12/09 10:14 p.m.15 views

Spiderman Phishing Kit Targets European Banks with Real-Time Credential Theft

Varonis threat analysts warn about Spiderman, a dangerous new kit that automates attacks against European banks and crypto customers, stealing a victim’s full identity profile...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/12/27 11:32 a.m.51 views

'Spider-Man: No Way Home' Pirated Downloads Contain Crypto-Mining Malware

Peter Parker might not be a mastermind cryptocurrency criminal, but the name Spiderman is quickly becoming more associated with the mining landscape. ReasonLabs, a leading provider of cybersecurity prevention and detection software, recently discovered a new form of malware hacking into customer...

6.9AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2017/08/04 1:0 p.m.55 views

This Week in Security News

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...

7AI score
Exploits0
OSV
OSV
added 2017/01/28 12:59 p.m.3 views

CVE-2016-9554

The Sophos Web Appliance Remote / Secure Web Gateway server version 4.2.1.3 is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php /controllers/MgrDiagnosticTools.php, in the component responsible for...

7.2CVSS5.8AI score0.24445EPSS
Exploits5References3
NVD
NVD
added 2017/01/28 12:59 p.m.15 views

CVE-2016-9554

The Sophos Web Appliance Remote / Secure Web Gateway server version 4.2.1.3 is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php /controllers/MgrDiagnosticTools.php, in the component responsible for...

9CVSS7.6AI score0.24445EPSS
Exploits5References3
Prion
Prion
added 2017/01/28 12:59 p.m.17 views

Command injection

The Sophos Web Appliance Remote / Secure Web Gateway server version 4.2.1.3 is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php /controllers/MgrDiagnosticTools.php, in the component responsible for...

9CVSS8.2AI score0.24445EPSS
Exploits5References3Affected Software1
Cvelist
Cvelist
added 2017/01/28 12:38 p.m.26 views

CVE-2016-9554

The Sophos Web Appliance Remote / Secure Web Gateway server version 4.2.1.3 is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php /controllers/MgrDiagnosticTools.php, in the component responsible for...

7.6AI score0.24445EPSS
Exploits5References3
CVE
CVE
added 2017/01/28 12:38 p.m.60 views

CVE-2016-9554

CVE-2016-9554 affects Sophos Web Appliance (Secure Web Gateway) before version 4.3.1. The vulnerability exists in the web admin interface via MgrDiagnosticTools.php, where diagnostic tests invoke wget and pass user-controlled input in the url parameter to executeCommand, which calls exec() withou...

9CVSS7.5AI score0.24445EPSS
Exploits5References3Affected Software1
hackapp
hackapp
added 2016/04/01 9:42 a.m.18 views

Target of Spiderman - Dynamic Code Loading, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application Target of Spiderman published at the 'play' market has multiple vulnerabilities...

Exploits0References1Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Sophos Web Protection Appliance clear_keys.pl Local Privilege Escalation

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2013/09/17 12:0 a.m.37 views

Sophos Web Protection Appliance clear_keys.pl Local Privilege Escalation

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/post/common' require...

7.2CVSS0.9AI score0.08128EPSS
Exploits11
Exploit DB
Exploit DB
added 2013/09/17 12:0 a.m.37 views

Sophos Web Protection Appliance - clear_keys.pl Privilege Escalation (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/post/common' require...

7.2CVSS6.6AI score0.08128EPSS
Exploits11
0day.today
0day.today
added 2013/09/17 12:0 a.m.63 views

Sophos Web Protection Appliance clear_keys.pl Local Privilege Escalation

This Metasploit module abuses a command injection on the clearkeys.pl perl script, installed with the Sophos Web Protection Appliance, to escalate privileges from the "spiderman" user to "root". This Metasploit module is useful for post exploitation of vulnerabilities on the Sophos Web Protection...

7.2CVSS7.1AI score0.08128EPSS
Exploits11
OpenVAS
OpenVAS
added 2013/09/09 12:0 a.m.33 views

Sophos Web Protection Appliance Multiple Vulnerabilities (Jul 2013) - Active Check

Sophos Web Protection Appliance is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS6.3AI score0.90133EPSS
Exploits17References1
Rows per page
Query Builder