EUVD-2024-43376

Malicious code in bioql PyPI...

CVE-2024-49313

Cross-Site Request Forgery CSRF vulnerability in rudestan VKontakte Wall Post vkontakte-wall-post allows Stored XSS.This issue affects VKontakte Wall Post: from n/a through = 2.0...

CVE-2024-10227

creationtimestamp| type| source ---|---|--- 2024-10-29 12:15:37+00:00| seen| https://t.me/cvedetector/9277...

CVE-2024-49313 WordPress VKontakte Wall Post plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in rudestan VKontakte Wall Post vkontakte-wall-post allows Stored XSS.This issue affects VKontakte Wall Post: from n/a through = 2.0...

CVE-2023-23977 WordPress Heateor Social Comments Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Team Heateor WordPress Social Comments Plugin for Vkontakte Comments and Disqus Comments plugin = 1.6.1 versions...

PT-2023-19330 · WordPress · Team Heateor Wordpress Social Comments Plugin

Name of the Vulnerable Software and Affected Versions: Team Heateor WordPress Social Comments Plugin for Vkontakte Comments and Disqus Comments plugin versions = 1.6.1 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. This vulnerability requires authentication...

Meta Takes Down Fake Facebook and Instagram Accounts Linked to Pro-U.S. Influence Operation

Meta Platforms on Tuesday said it took down a network of accounts and pages across Facebook and Instagram that were operated by people associated with the U.S. military to spread narratives that depicted the country in a favorable light in the Middle East and Central Asia. The network, which...

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

FBI officials last week arrested a Russian computer security researcher on suspicion of operating deer.io, a vast marketplace for buying and selling stolen account credentials for thousands of popular online services and stores. Kirill V. Firsov was arrested Mar. 7 after arriving at New York's Jo...

QIWI: Слив какого-то access токена

An error occurred while specifying quotation mark in the GET parameter userId https://api.qiwi.me/social-networks/vk?userId=lc%27 Error contained API Token of Piggibox Application from social network VKontakte. При добавлении кавычки в GET параметр userId...

Malaysia Airlines Flight 17 investigation shows Russian disinformation campaigns have global reach

A little background: on July 17, 2014, Malaysia Airlines Flight 17 was shot from the sky on its way from Amsterdam to Kuala Lumpur above the Ukraine. The plane was hit by a surface-to-air missile, and as a result, all 298 people on board were killed. At that time, there was a revolt of pro-Russia...

CVE-2019-13299

creationtimestamp| type| source ---|---|--- 2019-07-05 03:59:56+00:00| seen| https://t.me/cveNotify/221...

Social Media Enumeration & Correlation Tool: Social Mapper

Social Mapper is a Open Source Intelligence Tool that uses facial recognition to correlate social media profiles across different sites on a large scale. It takes an automated approach to searching popular social media sites for targets names and pictures to accurately detect and group a person’s...

Social Mapper - A Social Media Enumeration & Correlation Tool

A Social Media Mapping Tool that correlates profiles via facial recognition by Jacob WilkinGreenwolf Social Mapper is a Open Source Intelligence Tool that uses facial recognition to correlate social media profiles across different sites on a large scale. It takes an automated approach to searchin...

Automated posting on Vkontakte public pages using VK API and Python

Vk.com Vkontakte is the most popular social network Russia and Ex-USSR with 430+ million users. Originally it was a Facebook clone. But now, after 10 years of development, these two services are quite different from each other. Traditional advantages of vk.com - huge amount of free music and vide...

Гости ВК (ВКонтакте) - Dangerous filesystem permissions, Exported ContentProvider, MIT license vulnerabilities

HackApp vulnerability scanner discovered that application Гости ВК ВКонтакте published at the 'play' market has multiple vulnerabilities...

Музыка ВКонтакте ВК - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Музыка ВКонтакте ВК published at the 'play' market has multiple vulnerabilities...

Android Banking Trojan First to Gain Root Privileges

Developers behind an Android banking Trojan have fortified the malware with an exploit to help it gain root privileges; this is the first time a mobile banker that tries to obtain root privileges has been seen in the wild. Researchers detected the Tordow Trojan in February, but attackers have...

Kate Mobile Lite для ВКонтакте - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Kate Mobile Lite для ВКонтакте published at the 'play' market has multiple vulnerabilities...

This App Lets You Find Anyone's Social Profile Just By Taking Their Photo

Is Google or Facebook evil? Forget it! Russian nerds have developed a new Face Recognition technology based app called FindFace, which is a nightmare for privacy lovers and human right advocates. FindFace is a terrifyingly powerful facial recognition app that lets you photograph strangers in a...

Моя музыка ВКонтакте - Customized SSL, Dangerous filesystem permissions, MIT license vulnerabilities

HackApp vulnerability scanner discovered that application Моя музыка ВКонтакте published at the 'play' market has multiple vulnerabilities...