An Overview of 7726 User Reports: Uncovering SMS Scams and Scammer Strategies

Mobile network operators implement firewalls to stop illicit messages, but scammers find ways to evade detection. Previous work has looked into SMS texts that are blocked by these firewalls. However, there is little insight into SMS texts that bypass them and reach users. To this end, we...

GHSA-33HW-XHFH-944R

creationtimestamp| type| source ---|---|--- 2025-04-14 23:53:47+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11732 2025-04-15 00:36:52+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114339178869394068 2025-04-22 02:39:11+00:00| seen|...

GHSA-56W8-8PPJ-2P4F

creationtimestamp| type| source ---|---|--- 2025-01-26 22:08:41+00:00| seen| https://bsky.app/profile/xeiaso.net/post/3lgogtwtqxp26 2025-01-26 22:09:53+00:00| seen| https://bsky.app/profile/cadey.pony.social.ap.brid.gy/post/3lgogvsvnfec2 2025-01-27 23:05:27+00:00| seen|...

Hwameistor Potential Permission Leakage of Cluster Level

Impact What kind of vulnerability is it? Who is impacted? This ClusterRole has verbs of resources. If a malicious user can access the worker node which has hwameistor's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster, resulting in a...

DNS resolution issue with new 13.0.86.17 client

ADC version 13.0.86.17, with 'Citrix Secure Access' VPN client the same version, shows as version 22.2.1.103 in the client. The old client was 13.0.58.30 shown as 21.3.1.2 1. Some users report that on the new client they cannot resolve any DNS record...

U.S. General Services Administration: Read Other Users Reports Through Cloning

Summary: I team, I have found a vulnerability where I am able to read other users reports through the clone report function. If an attacker goes to try read another users report, we get a 500 internal error response. But if an attacker uses the clone report function, we are able to clone a victim...

Cross-Site Request Forgery (CSRF) in namelessmc/nameless

Description More instances of CSRF Proof of Concept /index.php?route=/panel/users/reports/&action=close&id=1 /index.php?route=/panel/users/reports/&action=open&id=1 /index.php?route=/panel/core/emails/errors/&do=delete&id=2 /index.php?route=/panel/core/emails/errors/&do=purge...

Widespread Instagram Hack Locking Users Out of Their Accounts

Instagram has been hit by a widespread hacking campaign that appears to stem from Russia and have affected hundreds of users over the past week, leaving them locked out of their accounts. A growing number of Instagram users are taking to social media, including Twitter and Reddit, to report a...

Exosrv.com, an ad server for adult sites, tops Malwarebytes detections

Update 12/18/2017: Upon review, we have decided to lift the block on those two ad servers. You can read ExoClick's comments below: At Exoclick we use large resources to ensure that the ads that we serve are clear, clean and issue free. Where malwares and other forms of malvertising are detected...

Moderate: Red Hat Bug Fix Advisory: setroubleshoot bug fix and enhancement update

Updated setroubleshoot packages that fix several bugs and add various enhancements are now available for Red Hat Enterprise Linux 7. The setroubleshoot packages contain a set of analysis plug-ins for use with the setroubleshoot utility. Each plug-in has the capacity to analyze SELinux Access Vect...

CVE-2002-1538

Acuma Acusend 4, and possibly earlier versions, allows remote authenticated users to read the reports of other users by inferring the full URL, whose name is easily predictable...