64 matches found
EUVD-2018-16907
Malware in sbrugna...
EUVD-2011-3062
Malware in sbrugna...
EUVD-2011-2838
Malware in sbrugna...
EUVD-2017-16738
Malware in sbrugna...
China-Based APTs Deploy Fake Dalai Lama Apps to Spy on Tibetan Community
The Tibetan community has been targeted by a China-nexus cyber espionage group as part of two campaigns conducted last month ahead of the Dalai Lama's 90th birthday on July 6, 2025. The multi-stage attacks have been codenamed Operation GhostChat and Operation PhantomPrayers by Zscaler ThreatLabz...
China-Linked TAG-112 Targets Tibetan Media with Cobalt Strike Espionage Campaign
A China-linked nation-state group called TAG-112 compromised Tibetan media and university websites in a new cyber espionage campaign designed to facilitate the delivery of the Cobalt Strike post-exploitation toolkit for follow-on information collection. "The attackers embedded malicious JavaScrip...
tibetan-museum.org Cross Site Scripting vulnerability OBB-3445821
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
tibetan-museum.org Cross Site Scripting vulnerability OBB-3377691
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
SUSE CVE-2011-3094
Google Chrome before 19.0.1084.46 does not properly handle Tibetan text, which allows remote attackers to cause a denial of service out-of-bounds read via unspecified vectors...
SUSE CVE-2017-7763
Default fonts on OS X display some Tibetan characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 5...
SUSE CVE-2017-7825
Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affect...
SUSE CVE-2018-5121
Low descenders on some Tibetan characters in several fonts on OS X are clipped when rendered in the addressbar. When used as part of an Internationalized Domain Name IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating syste...
Manjusaka: A Chinese sibling of Sliver and Cobalt Strike
By Asheer Malhotra and Vitor Ventura. Cisco Talos recently discovered a new attack framework called "Manjusaka" being used in the wild that has the potential to become prevalent across the threat landscape. This framework is advertised as an imitation of the Cobalt Strike framework. The implants...
Microsoft Seizes 42 Malicious Web Domains Used By Chinese Hackers
Microsoft on Monday announced the seizure of 42 domains used by a China-based cyber espionage group that set its sights on organizations in the U.S. and 28 other countries pursuant to a legal warrant issued by a federal court in the U.S. state of Virginia. The Redmond company attributed the...
Hackers using malicious Firefox extension to phish Gmail credentials
By Waqas The malicious Firefox extension is called FriarFox which is also being used by Chinese hackers to spy on Tibetan activists. This is a post from HackRead.com Read the original post: Hackers using malicious Firefox extension to phish Gmail credentials...
Malicious Mozilla Firefox Extension Allows Gmail Takeover
A newly uncovered cyberattack is taking control of victims’ Gmail accounts, by using a customized, malicious Mozilla Firefox browser extension called FriarFox. Researchers say the threat campaign, observed in January and February, targeted Tibetan organizations and was tied to TA413, a known...
Chinese Hackers Using Firefox Extension to Spy On Tibetan Organizations
Cybersecurity researchers today unwrapped a new campaign aimed at spying on vulnerable Tibetan communities globally by deploying a malicious Firefox extension on target systems. "Threat actors aligned with the Chinese Communist Party's state interests delivered a customized malicious Mozilla...
China-based APT Debuts Sepulcher Malware in Spear-Phishing Attacks
A China-based APT has been sending organizations spear-phishing emails that distribute a never-before-seen intelligence-collecting RAT dubbed Sepulcher. Researchers discovered the new malware being distributed over the past six months through two separate campaigns. The first, in March, targeted...
1-Click iPhone and Android Exploits Target Tibetan Users via WhatsApp
A team of Canadian cybersecurity researchers has uncovered a sophisticated and targeted mobile hacking campaign that is targeting high-profile members of various Tibetan groups with one-click exploits for iOS and Android devices. Dubbed Poison Carp by University of Toronto's Citizen Lab, the...
1-Click iPhone and Android Exploits Target Tibetan Users via WhatsApp
A team of Canadian cybersecurity researchers has uncovered a sophisticated and targeted mobile hacking campaign that is targeting high-profile members of various Tibetan groups with one-click exploits for iOS and Android devices. Dubbed Poison Carp by University of Toronto's Citizen Lab, the...