Fake AI Tools Push New Noodlophile Stealer Through Facebook Ads

Scammers are using fake AI tools and Facebook ads to spread Noodlophile Stealer malware, targeting users with a…...

Download a banker to track your parcel

In late October 2024, a new scheme for distributing a certain Android banking Trojan called "Mamont" was uncovered. The victim would receive an instant message from an unknown sender asking to identify a person in a photo. The attackers would then send what appeared to be the photo itself but was...

Palantir 跨站脚本漏洞

Palantir is a data platform from Palantir, Inc. that reimagines how people use data by removing the barriers between back-end data management and front-end data analysis. A cross-site scripting vulnerability exists in Palantir Foundry Blobster prior to version 3.228.0 that stems from the presence...

GitHub: CSRF protection bypass in GitHub Enterprise management console

A path traversal vulnerability was identified in GitHub Enterprise Server management console that allowed the bypass of CSRF protections. This could potentially lead to privilege escalation. To exploit this vulnerability, an attacker would need to target a user that was actively logged into the...

EEYE: Macromedia Shockwave Flash Malformed Header Overflow

Macromedia Shockwave Flash Malformed Header Overflow Release Date: August 8, 2002 Severity: High Remote Code Execution Systems Affected: Macromedia Shockwave Flash - All Versions; Unix and Windows; Netscape and Internet Explorer Description: While working on some pre-release eEye Retina CHAM tool...