tech-on.de Cross Site Scripting vulnerability OBB-2715492

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

fastlane.tech Cross Site Scripting vulnerability OBB-2712295

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Report Claims Coinbase Selling User Geolocation Data to ICE

By Deeba Ahmed Tech Inquiry’s Jack Paulson has shared startling details about a 3-year contract between the US Department of Homeland… This is a post from HackRead.com Read the original post: Report Claims Coinbase Selling User Geolocation Data to ICE...

Microsoft Warns of Cryptomining Malware Campaign Targeting Linux Servers

A cloud threat actor group tracked as 8220 has updated its malware toolset to breach Linux servers with the goal of installing crypto miners as part of a long-running campaign. "The updates include the deployment of new versions of a crypto miner and an IRC bot," Microsoft Security Intelligence...

‘Supercookies’ Have Privacy Experts Sounding the Alarm

A German ad-tech trial features what Vodafone calls “digital tokens.” Should you be worried?...

Malicious Package

Overview kaluza-tech is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

bostonbuildtech.in Cross Site Scripting vulnerability OBB-2666576

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

blackwomentalktech.com Cross Site Scripting vulnerability OBB-2665350

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

altf9.tech Cross Site Scripting vulnerability OBB-2664970

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Hidden Anti-Cryptography Provisions in Internet Anti-Trust Bills

Two bills attempting to reduce the power of Internet monopolies are currently being debated in Congress: S. 2992, the American Innovation and Choice Online Act; and S. 2710, the Open App Markets Act. Reducing the power to tech monopolies would do more to "fix" the Internet than any other single...

Malicious code in tech-doc-hugo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8dee66703b31e37413a9adb8a1182b0bad51b5cfb28fb03747f5dc30068e9196 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-6444 Malicious code in tech-doc-hugo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8dee66703b31e37413a9adb8a1182b0bad51b5cfb28fb03747f5dc30068e9196 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in x-road-tech-radar (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b81945cd23cfc6cea9cafc4f34272c267be424f5c5c28100a9d40e2f098cad58 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-7259 Malicious code in x-road-tech-radar (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b81945cd23cfc6cea9cafc4f34272c267be424f5c5c28100a9d40e2f098cad58 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Why Paper Receipts are Money at the Drive-Thru

Check out this handmade sign posted to the front door of a shuttered Jimmy Johns sandwich chain shop in Missouri last week. See if you can tell from the store owners message what happened. If you guessed that someone in the Jimmy Johns store might have fallen victim to a Business Email Compromise...

CVE-2022-30422

Proietti Tech srl Planet Time Enterprise 4.2.0.1,4.2.0.0,4.1.0.0,4.0.0.0,3.3.1.0,3.3.0.0 is vulnerable to Remote code execution via the Viewstate parameter...

Remote code execution

Proietti Tech srl Planet Time Enterprise 4.2.0.1,4.2.0.0,4.1.0.0,4.0.0.0,3.3.1.0,3.3.0.0 is vulnerable to Remote code execution via the Viewstate parameter...

CVE-2022-30422

Planet Time Enterprise by Proietti Tech Srl (versions 4.2.0.1, 4.2.0.0, 4.1.0.0, 4.0.0.0, 3.3.1.0, 3.3.0.0) is affected by CVE-2022-30422 due to a remote code execution vulnerability originating from the Viewstate parameter. The Red Hat, NVD, and CVE records consistently describe this as a remote...

CVE-2022-30422

Proietti Tech srl Planet Time Enterprise 4.2.0.1,4.2.0.0,4.1.0.0,4.0.0.0,3.3.1.0,3.3.0.0 is vulnerable to Remote code execution via the Viewstate parameter...

Proietti Tech srl Planet Time Enterprise 信任管理问题漏洞

Proietti Tech Srl Proietti Tech srl Planet Time Enterprise is an attendance management software from Proietti Tech Srl, Italy. It facilitates human resource management through process automation and process simplification, making information available in real time. A security vulnerability exists...