11 matches found
CVE-2025-5470
Uncontrolled Search Path Element vulnerability in Yandex Disk on MacOS allows Search Order Hijacking.This issue affects Disk: before 3.2.45.3275...
EUVD-2025-202298
Uncontrolled Search Path Element vulnerability in Yandex Disk on MacOS allows Search Order Hijacking.This issue affects Disk: before 3.2.45.3275...
CVE-2025-5470
Uncontrolled Search Path Element vulnerability in Yandex Disk on MacOS allows Search Order Hijacking.This issue affects Disk: before 3.2.45.3275...
CVE-2025-5470 Dylib Hijacking in Yandex Disk
Uncontrolled Search Path Element vulnerability in Yandex Disk on MacOS allows Search Order Hijacking.This issue affects Disk: before 3.2.45.3275...
CVE-2025-5470 Dylib Hijacking in Yandex Disk
Uncontrolled Search Path Element vulnerability in Yandex Disk on MacOS allows Search Order Hijacking.This issue affects Disk: before 3.2.45.3275...
CVE-2025-5470
The CVE-2025-5470 entry details an Uncontrolled Search Path Element vulnerability in Yandex Disk for MacOS, enabling Search Order Hijacking. Affected: Yandex Disk on macOS prior to 3.2.45.3275. Root cause: improper control of the search path element. Impact is described as high across confidentia...
Yandex Disk 安全漏洞
Yandex Disk is a cloud storage service from the Russian company Yandex. A security vulnerability exists in Yandex Disk versions prior to 3.2.45.3275, which stems from improper control of the search path element and could lead to search order hijacking...
Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans
Russian-speaking users have become the target of a new phishing campaign that leverages an open-source phishing toolkit called Gophish to deliver DarkCrystal RAT aka DCRat and a previously undocumented remote access trojan dubbed PowerRAT. "The campaign involves modular infection chains that are...
New Android Spyware LianSpy Evades Detection Using Yandex Cloud
Users in Russia have been the target of a previously undocumented Android post-compromise spyware called LianSpy since at least 2021. Cybersecurity vendor Kaspersky, which discovered the malware in March 2024, noted its use of Yandex Cloud, a Russian cloud service, for command-and-control C2...
LianSpy: new Android spyware targeting Russian users
In March 2024, we discovered a campaign targeting individuals in Russia with previously unseen Android spyware we dubbed LianSpy. Our analysis indicates that the malware has been active since July 2021. This threat is equipped to capture screencasts, exfiltrate user files, and harvest call logs a...
Experts Uncover New CloudMensis Spyware Targeting Apple macOS Users — The Hacker News
Cybersecurity researchers have taken the wraps off a previously undocumented spyware targeting the Apple macOS operating system. The malware, codenamed CloudMensis by Slovak cybersecurity firm ESET, is said to exclusively use public cloud storage services such as pCloud, Yandex Disk, and Dropbox...