unicef-hope-aurora (>=1.7.0.dev639 <=1.7.0rc1) potentially affected by CVE-2025-13030 via django-mdeditor (=0.1.20)

django-mdeditor PYPI version =0.1.20 is affected by a known vulnerability. The following packages have a transitive dependency on django-mdeditor and may be impacted: - unicef-hope-aurora =1.7.0.dev639, =1.7.0rc1 Source cves: CVE-2025-13030 Source advisory: OSV:GHSA-QP2C-XQV6-PHH6...

PhantomCaptcha RAT Attack Targets Aid Groups Supporting Ukraine

SentinelLABS’ research reveals PhantomCaptcha, a highly coordinated, one-day cyber operation on Oct 8, 2025, targeting the International Red Cross, UNICEF, and Ukraine government groups using fake emails and a Remote Access Trojan RAT linked to Russian infrastructure...

Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files

Cybersecurity researchers have disclosed details of a coordinated spear-phishing campaign dubbed PhantomCaptcha targeting organizations associated with Ukraine's war relief efforts to deliver a remote access trojan that uses a WebSocket for command-and-control C2. The activity, which took place o...

unicef-hope-aurora (>=1.7.0.dev639 <=1.7.0rc1) potentially affected by CVE-2025-13030 via django-mdeditor (=0.1.20)

django-mdeditor PYPI version =0.1.20 is affected by a known vulnerability. The following packages have a transitive dependency on django-mdeditor and may be impacted: - unicef-hope-aurora =1.7.0.dev639, =1.7.0rc1 Source cves: CVE-2025-13030 Source advisory: SNYK:PYTHON-DJANGOMDEDITOR-8630926...

OilAlpha: Emerging Houthi-linked Cyber Threat Targets Arabian Android Users

A hacking group dubbed OilAlpha with suspected ties to Yemen's Houthi movement has been linked to a cyber espionage campaign targeting development, humanitarian, media, and non-governmental organizations in the Arabian peninsula. "OilAlpha used encrypted chat messengers like WhatsApp to launch...

"School From Home" Changes Residential Internet Safety and Security Dynamics

2020 has been a year of epic change as we all work together to minimize the adverse impact of COVID-19. There's been extensive coverage in blogs and media as businesses navigated a rapid transition to remote work for their employees and pivoted to address an entirely new set of security...

U.N., UNICEF, Red Cross Under Ongoing Mobile Attack

An ongoing, mobile-focused phishing campaign is targeting the United Nations and several humanitarian aid organizations, including UNICEF, the Red Cross and UN World Food. The campaign is using landing pages signed by SSL certificates, to create legitimate-looking Microsoft Office 365 login pages...

UNICEF Leaks Personal Data of 8,000 Users via Email Blunder

The charity organization UNICEF inadvertently leaked the personal details of thousands of people who use its online learning portal Agora by way of an errant email sent to 20,000 inboxes. The email was accidentally sent on August 26 by UNICEF and included the names, email addresses, gender and...

shop.unicef.be XSS vulnerability

Open Bug Bounty ID: OBB-676378 Description| Value ---|--- Affected Website:| shop.unicef.be Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

unicef.pt XSS vulnerability

Open Bug Bounty ID: OBB-597613 Description| Value ---|--- Affected Website:| unicef.pt Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

unicef.ch XSS vulnerability

Open Bug Bounty ID: OBB-578637 Description| Value ---|--- Affected Website:| unicef.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

stopchildabuse.unicef.my XSS vulnerability

Vulnerable URL: https://stopchildabuse.unicef.my/actpledgeviewgallery.php?q=%22%3E%3CBODY%20ONLOAD=alert%281%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...

unicef.org XSS vulnerability

Vulnerable URL: http://www.unicef.org/search/search.php/--a?q=sai Details: Description| Value ---|--- Patched:| Yes, at 22.09.2016 Latest check for patch:| 22.09.2016 09:38 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 10415 VIP website status:| Yes Check...

blogs.unicef.org XSS vulnerability

Vulnerable URL: https://blogs.unicef.org/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alertOPENBUGBOUNTY Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknow...

unicef.org XSS vulnerability

Vulnerable URL: http://www.unicef.org/infobycountry/flashdetection.swf?flashContentURL=javascript:alert/XSSPOSED/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 12112 Google...

unicef.gr XSS vulnerability

Open Bug Bounty ID: OBB-129492 Description| Value ---|--- Affected Website:| unicef.gr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

unicef.pl XSS vulnerability

Vulnerable URL: https://www.unicef.pl/Wspolpraca-ze-szkolami/Szkoly-wspolpracujace/%28offset%29/630/%28szkola%29/ckqevtjddm.html?schoolname=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS...

Cybercrime Profits Approaching Those Of The Drug Trade?

The yearly cost of cybercrime may have surpassed that brought in by the illegal trades in marijuana, cocaine and heroin combined, and could be rapidly approaching the entire value of global drug trafficking, according to a new survey conducted by security firm Symantec. Annual losses resulting fr...

United Nations Children's Fund (UNICEF) Hacked by ZCompany Hacking Crew

United Nations Children's Fund UNICEF Hacked byZCompany Hacking Crew On 6/6/2011 Pakistani hackers group named ZCompany Hacking Crew deface the official website of United Nations Children's Fund UNICEF , The Screenshot is as above. Link : https://unicef.bg/bg Mirror :...

United Nations Children's Fund (UNICEF) Hacked by ZCompany Hacking Crew

United Nations Children's Fund UNICEF Hacked by ZCompany Hacking Crew On 6/6/2011 Pakistani hackers group named ZCompany Hacking Crew deface the official website of United Nations Children's Fund UNICEF , The Screenshot is as above. Link : https://unicef.bg/bg Mirror :...