22 matches found

Microsoft Secure
added 2026/03/16 4:0 p.m., 4 views

Help on the line: How a Microsoft Teams support call led to compromise

In our eighth Cyberattack Series report, Microsoft Incident Response—the Detection and Response Team (DART)—investigates a recent identity-first, human-operated intrusion that relied less on exploiting software vulnerabilities and more on deception and legitimate tools. After a customer reached out...

AI score 6.2
Exploits: 0

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2024-38585

Malicious code in bioql PyPI...

CVSS 8.8, AI score 6.6, EPSS 0.038
Exploits: 0, References: 2

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2024-38588

Malicious code in bioql PyPI...

CVSS 4.3, AI score 6.6, EPSS 0.0142
Exploits: 0, References: 2

OSV
added 2025/01/11 4:15 a.m., 5 views

CVE-2025-23109

Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the website address. This vulnerability affects Firefox for iOS 134...

CVSS 6.5, AI score 5.8
Exploits: 0, References: 2

OSV
added 2024/08/02 11:16 a.m., 2 views

CVE-2024-40723

The specific API in HWATAIServiSign Windows Version from CHANGING Information Technology does not properly validate the length of server-side inputs. When a user visits a spoofed website, unauthenticated remote attackers can cause a stack-based buffer overflow in the HWATAIServiSign, temporarily...

CVSS 4.3, AI score 6.2, EPSS 0.0142
Exploits: 0, References: 2

NVD
added 2024/08/02 11:16 a.m., 15 views

CVE-2024-40720

The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can modify the HKEY_CURRENT_USER registry to execute arbitrary commands...

CVSS 8.8, EPSS 0.038
Exploits: 0, References: 2

CVE
added 2024/08/02 10:18 a.m., 43 views

CVE-2024-40722

CVE-2024-40722 affects the TCBServiSign Windows Version from CHANGING Information Technology. The vulnerability is caused by an API that does not properly validate the length of server-side input, enabling unauthenticated remote attackers to trigger a stack-based buffer overflow when a user visit...

CVSS 4.3, AI score 5.1, EPSS 0.0142
Exploits: 0, References: 2, Affected Software: 1

Vulnrichment
added 2024/08/02 10:18 a.m., 20 views

CVE-2024-40722 CHANGING Information Technology TCBServiSign Windows Version - Stack-based Buffer Overflow

The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate the length of server-side input. When a user visits a spoofed website, unauthenticated remote attackers can cause a stack-based buffer overflow in the TCBServiSign, temporarily...

CVSS 4.3, AI score 7.6, EPSS 0.0142
Exploits: 0, References: 2

Cvelist
added 2024/08/02 10:14 a.m., 34 views

CVE-2024-40721 CHANGING Information Technology TCBServiSign Windows Version - Improper Input Validation

The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can cause the TCBServiSign to load a DLL from an arbitrary path...

CVSS 8.8, EPSS 0.02284
Exploits: 0, References: 2

Cvelist
added 2024/08/02 10:10 a.m., 26 views

CVE-2024-40720 CHANGING Information Technology TCBServiSign Windows Version - Improper Input Validation

The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can modify the HKEY_CURRENT_USER registry to execute arbitrary commands...

CVSS 8.8, EPSS 0.038
Exploits: 0, References: 2

CVE
added 2024/08/02 10:10 a.m., 71 views

CVE-2024-40720

The CVE-2024-40720 entry concerns CHANGING Information Technology’s TCBServiSign Windows Version. A specific API fails to properly validate server-side input, enabling unauthenticated, remote attackers to modify the HKEY_CURRENT_USER registry when a user visits a spoofed website and execute arbit...

CVSS 8.8, AI score 9, EPSS 0.038
Exploits: 0, References: 2, Affected Software: 1

Vulnrichment
added 2024/08/02 10:10 a.m., 19 views

CVE-2024-40720 CHANGING Information Technology TCBServiSign Windows Version - Improper Input Validation

The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can modify the HKEY_CURRENT_USER registry to execute arbitrary commands...

CVSS 8.8, AI score 7.7, EPSS 0.038
Exploits: 0, References: 2

Positive Technologies
added 2024/08/02 12:0 a.m., 3 views

PT-2024-29000 · Changing Information Technology · Tcbservisign

Name of the Vulnerable Software and Affected Versions: TCBServiSign Windows Version from CHANGING Information Technology (affected versions not specified)

Description: The issue concerns improper validation of server-side input in a specific API. This allows unauthenticated remote attackers to caus...

CVSS 8.8, AI score 7.3, EPSS 0.02284
Exploits: 0, References: 4

CNNVD
added 2024/08/02 12:0 a.m., 3 views

Changing TCBServiSign Input Validation Error Vulnerability

Changing TCBServiSign is a cross-platform security control component from Changing, China. An input validation error vulnerability exists in versions prior to Changing TCBServiSign 1.0.24.0318. The vulnerability stems from a specific API that does not properly validate server-side input, allowing...

CVSS 8.8, AI score 6.8, EPSS 0.02284
Exploits: 0, References: 3

Veracode
added 2024/05/20 12:16 p.m., 17 views

Information Disclosure

Firefox is vulnerable to an information disclosure. The vulnerability is due to a network error during page load causing the prior content to remain in view with a blank URL bar, which attackers can use to obfuscate a spoofed website. This vulnerability affects Firefox versions below 126...

CVSS 7.5, AI score 6.2, EPSS 0.00524
Exploits: 0, References: 3, Affected Software: 1

NVD
added 2024/05/14 6:15 p.m., 18 views

CVE-2024-4773

When a network error occurred during page load, the prior content could have remained in view with a blank URL bar. This could have been used to obfuscate a spoofed web site. This vulnerability affects Firefox 126...

CVSS 7.5, AI score 5.5, EPSS 0.00524
Exploits: 0, References: 2

UbuntuCve
added 2024/05/14 6:15 p.m., 25 views

CVE-2024-4773

When a network error occurred during page load, the prior content could have remained in view with a blank URL bar. This could have been used to obfuscate a spoofed web site. This vulnerability affects Firefox 126...

CVSS 7.5, AI score 7.1, EPSS 0.00524
Exploits: 0, References: 5

Securelist
added 2023/09/28 8:0 a.m., 46 views

A cryptor, a stealer and a banking trojan

Introduction: As long as cybercriminals want to make money, they'll keep making malware, and as long as they keep making malware, we'll keep analyzing it, publishing reports and providing protection. Last month we covered a wide range of cybercrime topics. For example, we published a private report ...

AI score 7.1
Exploits: 0

Tenable Nessus
added 2023/09/07 12:0 a.m., 31 views

Oracle Linux 5 : Moderate: / ruby (ELSA-2007-0965)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0965 advisory. 1.8.5-5.el51.1 - security fix for CVE-2007-5162 and CVE-2007-5770 - ruby-1.8.5-CVE-2007-5162.patch: fix issues that is insufficient verification of SSL...

CVSS 5, AI score 7.4, EPSS 0.07714
Exploits: 2, References: 3

AlpineLinux
added 2021/03/31 1:41 p.m., 41 views

CVE-2021-23984

A malicious extension could have opened a popup window lacking an address bar. The title of the popup lacking an address bar should not be fully controllable, but in this situation was. This could have been used to spoof a website and attempt to trick the user into providing credentials. This...

CVSS 6.5, AI score 7.1, EPSS 0.0029
Exploits: 0