415 matches found
Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse
A Russian advanced persistent threat APT group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025. Slovakian cybersecurity company ESET said it observed 35 distinct spear-phishing campaigns mounted by Gamaredon against new...
MAL-2026-6566 Malicious code in date-uuid (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58dffbe61370f78deed5bacbc8f6bc46a8a989f03da218643a41b52ed025fa6a Package advertised as a UUIDv7 helper, but on require/import it auto-invokes extractDateISO in bootstrap.js, which reads README.md from process.cwd,...
Exploit for Out-of-bounds Write in Microsoft
CVE-2016-0189 Proof-of-Concept exploit for CVE-2016-0189 VBSc...
CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added half a dozen security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2026-21643 CVSS score: 9.1 - An SQL injection...
Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability
Microsoft Visual Basic for Applications VBA contains an insecure library loading vulnerability that could allow for remote code execution...
WhatsApp malware campaign delivers VBScript and MSI backdoors
In this article 1. Attack chain overview 2. Mitigation and protection guidance 3. Hunting queries 4. Indicators of compromise Microsoft Defender Experts observed a campaign beginning in late February 2026 that uses WhatsApp messages to deliver malicious Visual Basic Script VBS files. Once execute...
Microsoft Windows Malicious Script File Generator
This PHP script generates a malicious .WSF Windows Script File containing both VBScript and JScript payload blocks. The payload runs arbitrary system commands through WScript.Shell...
Multiple Cisco Products Snort 3 Visual Basic for Applications DoS Vulnerabilities (cisco-sa-ftd-snort3-vbavuls-96UcVVed_CVE-2026-20053_CVE-2026-20054_CVE-2026-20057)
According to its self-reported version, Cisco ASA Software is affected by multiple vulnerabilities. - Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This...
EUVD-2026-9460
Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to improper error checking when decompressing VBA data. An attacker could exploit this...
CVE-2026-20058
CVE-2026-20058 affects Cisco products featuring the Snort 3 VBA capability. The issue stems from improper error checking when decompressing VBA data in the Snort 3 Detection Engine, which could allow an unauthenticated, remote attacker to send crafted VBA data over the network and cause the Detec...
CVE-2026-20058 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Denial of Service Vulnerability
Multiple Cisco products are affected by vulnerabilities in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. These vulnerabilities are due to improper error checking when decompressing VBA data. An attacker could exploit...
CVE-2026-20058 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Denial of Service Vulnerability
Multiple Cisco products are affected by vulnerabilities in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. These vulnerabilities are due to improper error checking when decompressing VBA data. An attacker could exploit...
CVE-2026-20057 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Denial of Service Vulnerability
Multiple Cisco products are affected by a vulnerability in the Snort 3 Visual Basic for Applications VBA feature which could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to lack of proper error checking when decompressing VBA...
CVE-2026-20057
CVE-2026-20057 affects multiple Cisco products via the Snort 3 VBA feature. The issue stems from lack of proper error checking when decompressing VBA data, enabling an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash and restart, resulting in a DoS (availability imp...
CVE-2026-20057
Multiple Cisco products are affected by a vulnerability in the Snort 3 Visual Basic for Applications VBA feature which could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to lack of proper error checking when decompressing VBA...
CVE-2026-20054
Cisco CVE-2026-20054 affects Snort 3 VBA feature. The vulnerability stems from improper error checking when decompressing VBA data, allowing an unauthenticated attacker to send crafted VBA to the Snort 3 Detection Engine and force an infinite loop, resulting in DoS. CVSS‑3.1 metrics: AV:N/AC:L/PR...
CVE-2026-20054 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Infinite Loop Denial of Service Vulnerability
Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to improper error checking when decompressing VBA data. An attacker could exploit this...
CVE-2026-20053 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Heap Overflow Denial of Service Vulnerability
Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to improper range checking when decompressing VBA data, which is user controlled. An...
CVE-2026-20053
Cisco CVE-2026-20053 affects multiple Cisco products via Snort 3 Visual Basic for Applications (VBA) Decompression Engine. The vulnerability stems from improper range checking when decompressing VBA data, which is user-controlled, enabling an unauthenticated, remote attacker to cause the Snort 3 ...
Multiple Cisco Products Snort 3 Visual Basic for Applications Denial of Service Vulnerabilities
Multiple Cisco products are affected by vulnerabilities in the Snort 3 Visual Basic for Applications VBA Decompression Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to unexpectedly restart, resulting in a denial of service DoS condition. For mor...