Lucene search
K

244 matches found

Patchstack
Patchstack
added 6 days ago7 views

WordPress User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder plugin <= 5.2.0 - Missing Authorization to Unauthenticated Payment Bypass vulnerability

Missing Authorization to Unauthenticated Payment Bypass vulnerability discovered by Supakiad S. m3ez - E-CQURITY Thailand in WordPress Plugin User Registration versions = 5.2.0...

6.5CVSS5.8AI score0.0018EPSS
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 2026/06/22 12:45 p.m.35 views

Google Sets Sept. 30 Deadline for Android Developer Verification in Four Countries

Google has set September 30, 2026, as the day it begins enforcing Android developer verification in the first four countries, and the major device-maker app stores are in from the start. On that date, certified Android phones in Brazil, Indonesia, Singapore, and Thailand will block normal install...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/19 2:0 p.m.18 views

CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday urged Fortinet customers with FortiGate appliances to take steps to secure against ongoing malicious activity aimed at thousands of internet-accessible devices. The sweeping campaign, believed to be the work of...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/26 12:0 a.m.6 views

Analysis of Personal Data Exposure in Thailand

In the digital era, personal data, particularly sensitive identifiers such as the Social Security Number and National Identification Number, have become a highly valuable asset, raising significant concerns regarding privacy and security. This study examines the risks associated with the online...

5.6AI score
Exploits0
Patchstack
Patchstack
added 2026/04/15 10:3 p.m.8 views

WordPress ProfilePress plugin <= 4.16.12 - Missing Authorization to Authenticated (Subscriber+) Inactive Membership Plan Subscription vulnerability

Missing Authorization to Authenticated Subscriber+ Inactive Membership Plan Subscription vulnerability discovered by Supakiad S. m3ez - E-CQURITY Thailand in WordPress Plugin ProfilePress versions = 4.16.12...

4.3CVSS5.8AI score0.00316EPSS
Exploits0References1Affected Software1
HackRead
HackRead
added 2026/04/13 10:27 a.m.4 views

Alleged German DDoS-for-Hire Kingpin Behind Fluxstress Caught in Thailand

Alleged German cybercrime figure behind Fluxstress and Neldowner arrested in Thailand after years running global DDoS-for-hire services across countries...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/02/04 2:9 p.m.9 views

China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns

Threat actors affiliated with China have been attributed to a fresh set of cyber espionage campaigns targeting government and law enforcement agencies across Southeast Asia throughout 2025. Check Point Research is tracking the previously undocumented activity cluster under the moniker...

8.8CVSS8.5AI score0.85778EPSS
Exploits35
The Hacker News
The Hacker News
added 2026/01/30 12:8 p.m.14 views

China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware

Cybersecurity researchers have discovered a new campaign attributed to a China-linked threat actor known as UAT-8099 that took place between late 2025 and early 2026. The activity, discovered by Cisco Talos, has targeted vulnerable Internet Information Services IIS servers located across Asia, bu...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/30 8:35 a.m.6 views

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

The Chinese hacking group known as Mustang Panda aka HoneyMyte has leveraged a previously undocumented kernel-mode rootkit driver to deliver a new variant of backdoor dubbed TONESHELL in a cyber attack detected in mid-2025 targeting an unspecified entity in Asia. The findings come from Kaspersky,...

7.8AI score
Exploits0
Securelist
Securelist
added 2025/12/29 10:0 a.m.20 views

The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor

Overview of the attacks In mid-2025, we identified a malicious driver file on computer systems in Asia. The driver file is signed with an old, stolen, or leaked digital certificate and registers as a mini-filter driver on infected machines. Its end-goal is to inject a backdoor Trojan into the...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/04 9:27 a.m.5 views

GoldFactory Hits Southeast Asia with Modified Banking Apps Driving 11,000+ Infections

Cybercriminals associated with a financially motivated group known as GoldFactory have been observed staging a fresh round of attacks targeting mobile users in Indonesia, Thailand, and Vietnam by impersonating government services. The activity, observed since October 2024, involves distributing...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2014-7451

Malware in sbrugna...

5.4CVSS6.4AI score0.00266EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-30627

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.0019EPSS
Exploits0References2
Talos Blog
Talos Blog
added 2025/10/02 10:0 a.m.6 views

UAT-8099: Chinese-speaking cybercrime group targets high-value IIS for SEO fraud

Cisco Talos is disclosing details on UAT-8099, a Chinese-speaking cybercrime group mainly involved in search engine optimization SEO fraud and theft of high-value credentials, configuration files, and certificate data. Cisco's file census and DNS analysis show affected Internet Information Servic...

7.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/09/24 6:31 p.m.3 views

CVE-2025-58028

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aum Watcharapon Designil PDPA Thailand pdpa-thailand allows Stored XSS.This issue affects Designil PDPA Thailand: from n/a through = 2.0.1...

6.5CVSS5.9AI score0.0019EPSS
Exploits0References1
NVD
NVD
added 2025/09/22 7:16 p.m.3 views

CVE-2025-58028

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aum Watcharapon Designil PDPA Thailand pdpa-thailand allows Stored XSS.This issue affects Designil PDPA Thailand: from n/a through = 2.0.1...

6.5CVSS0.0019EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/22 6:54 p.m.2 views

WordPress Designil PDPA Thailand Plugin <= 2.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin Designil PDPA Thailand versions = 2.0...

6.5CVSS6AI score0.0019EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2025/09/22 6:23 p.m.9 views

CVE-2025-58028 WordPress Designil PDPA Thailand plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aum Watcharapon Designil PDPA Thailand pdpa-thailand allows Stored XSS.This issue affects Designil PDPA Thailand: from n/a through = 2.0.1...

6.5CVSS0.0019EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/22 6:23 p.m.2 views

CVE-2025-58028 WordPress Designil PDPA Thailand plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aum Watcharapon Designil PDPA Thailand pdpa-thailand allows Stored XSS.This issue affects Designil PDPA Thailand: from n/a through = 2.0.1...

6.5CVSS5.9AI score0.0019EPSS
Exploits0References1
CVE
CVE
added 2025/09/22 6:23 p.m.9 views

CVE-2025-58028

CVE-2025-58028 describes a stored XSS in the WordPress plugin Designil PDPA Thailand (vulnerable versions up to 2.0). The issue is attributed to Improper Neutralization of Input During Web Page Generation and is listed with a CVSS v3.1 base score of 6.5 (Medium) . Connected data confirms the affe...

6.5CVSS5.9AI score0.0019EPSS
Exploits0References1
Rows per page
Query Builder