CVE-2025-9629 USS Upyun <= 1.5.0 - Cross-Site Request Forgery

The USS Upyun plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.0. This is due to missing or incorrect nonce validation on the usssettingpage function when processing the ussset form type. This makes it possible for unauthenticated attacker...

Friday Squid Blogging: US Naval Ship Attacked by Squid in 1978

Interesting story: USS Stein was underway when her anti-submarine sonar gear suddenly stopped working. On returning to port and putting the ship in a drydock, engineers observed many deep scratches in the sonar dome's rubber "NOFOUL" coating. In some areas, the coating was described as being...

Malicious code in shop-market-uss (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b54d918200bb505e6aa723098cbe7ac5561cc35eb28097ea8968ddc037fd3018 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-11089 Malicious code in shop-market-uss (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b54d918200bb505e6aa723098cbe7ac5561cc35eb28097ea8968ddc037fd3018 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in uss-vod-js-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8f069de485e57ad5262d4b158a8a64d396cae1798fd4fa85cf2802ac7fec711e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in listing-uss-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5bdefff07d9e9bd5fa8b0b524652775ca14bf5851937f5fa73f1e783996ad940 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10751 Malicious code in listing-uss-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5bdefff07d9e9bd5fa8b0b524652775ca14bf5851937f5fa73f1e783996ad940 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

US Navy ship Facebook page hijacked to stream video games

The official Facebook page of the US Navy’s destroyer-class warship, USS Kidd, has been hijacked. According to Task & Purpose, who first reported on the incident, the account has done nothing but stream Age of Empires, an award-winning, history-based real-time strategy RTS video game wherein...

US Navy investigating whether its crashed ship was hacked (Updated)

By Carolina Its no surprise that ships can be hacked but did someone hack This is a post from HackRead.com Read the original post: US Navy investigating whether its crashed ship was hacked Updated...

CVE-2012-5951

CVE-2012-5951 affects IBM Tivoli NetView for z/OS (NetView vXrX in v5.1–5.4 and v6.1; 1.4) and enables local privilege escalation by abusing USS security level. Exploitation details in connected docs show: locate cnmeunix at /usr/lpp/netview/vXrX/bin/cnmeunix (vXrX ≥5.1 and ≤5.4 or =6.1) and run ...