Security
Headlines
HeadlinesLatestCVEs

Tag

#web

GreedyBear: 40 Fake Crypto Wallet Extensions Found on Firefox Marketplace

A new, coordinated cybercrime campaign called "GreedyBear" has stolen over $1 million from crypto users. Learn how the group uses malicious extensions, malware, and fake websites in an industrial-scale attack uncovered by Koi Security.

HackRead
#web#git#chrome#firefox
GHSA-33r8-vrx9-rmcv: ExecuTorch integer overflow vulnerability leads to code execution

An integer overflow vulnerability in the loading of ExecuTorch models can cause smaller-than-expected memory regions to be allocated, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 8f062d3f661e20bb19b24b767b9a9a46e8359f2b.

Leak Reveals the Workaday Lives of North Korean IT Scammers

Spreadsheets, Slack messages, and files linked to an alleged group of North Korean IT workers expose their meticulous job-planning and targeting—and the constant surveillance they're under.

GHSA-8qf3-x8v5-2pj8: uv allows ZIP payload obfuscation through parsing differentials

## Impact In versions 0.8.5 and earlier of uv, remote ZIP archives were handled in a streamwise fashion, and file entries were not reconciled against the archive's central directory. This enabled two parser differentials against other Python package installers: 1. An attacker could contrive a ZIP archive that would extract with legitimate contents on some package installers, and malicious contents on others due to multiple local file entries. The attacker could choose which installer to target. 2. An attacker could contrive a "stacked" ZIP input with multiple internal ZIPs, which would be handled differently by different package installers. The attacker could choose which installer to target. In both cases, the outcome is that an attacker can produce a ZIP with a consistent digest that expands differently with different installers. The [ZIP standard](https://pkware.cachefly.net/webdocs/casestudies/APPNOTE.TXT) is ambiguous with respect to these behavior differentials. Consequently,...

Adult sites trick users into Liking Facebook posts using a clickjack Trojan

We found a host of blogspot pages involved in a malware campaign to promote their own content by using a LikeJack Trojan.

Mysterious Crime Spree Targeted National Guard Equipment Stashes

A string of US armory break-ins, kept quiet by authorities for months, points to a growing security crisis—and signs of an inside job.

Facebook users targeted in ‘login’ phish

Scammers are targeting Facebook users in this latest phishing campaign.

Yealink IP Phones and RPS (Redirect and Provisioning Service)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Yealink Equipment: IP Phones Vulnerability: Improper Restriction of Excessive Authentication Attempts, Allocation of Resources Without Limits or Throttling, Incorrect Authorization, Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in an information disclosure. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Yealink IP products are affected: SIP-T19P_E2: Versions prior to 53.84.0.121 SIP-T21P_E2: Versions prior to 52.84.0.121 SIP-T23G: Versions prior to 44.84.0.121 SIP-T40G: Versions prior to 76.84.0.121 SIP-T40P: Versions prior to 54.84.0.121 SIP-T27G: Versions prior to 69.84.0.121 SIP-T41S: Versions prior to 66.84.0.121 SIP-T42S: Versions prior to 66.84.0.121 SIP-T46S: Versions prior to 66.84.0.121 SIP- T48S: Versions prior to 66.84.0.121 SIP-CP920: Versions prior to 78.84.0.121 SIP-T53: Versions p...

EG4 Electronics EG4 Inverters

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: EG4 Electronics Equipment: EG4 Inverters Vulnerabilities: Cleartext Transmission of Sensitive Information, Download of Code Without Integrity Check, Observable Discrepancy, Improper Restriction of Excessive Authentication Attempts 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to intercept and manipulate critical data, install malicious firmware, hijack device access, and gain unauthorized control over the system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following EG4 Electronics inverters are affected: EG4 12kPV: All versions EG4 18kPV: All versions EG4 Flex 21: All versions EG4 Flex 18: All versions EG4 6000XP: All versions EG4 12000XP: All versions EG4 GridBoss: All versions 3.2 VULNERABILITY OVERVIEW 3.2.1 CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319 The MOD3 command traffic between the monitoring application and the ...

Dreame Technology iOS and Android Mobile Applications

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Dreame Technology Equipment: Dreamehome and MOVAhome mobile applications Vulnerability: Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could result in unauthorized information disclosure. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of the Dreame and MOVA mobile apps are affected: Dreamehome iOS app: Versions 2.3.4 and prior Dreamehome Android app: Versions 2.1.8.8 and prior MOVAhome iOS app: Versions 1.2.3 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER CERTIFICATE VALIDATION CWE-295 A TLS vulnerability exists in the phone application used to manage a connected device. The phone application accepts self-signed certificates when establishing TLS communication which may result in man-in-the-middle attacks on untrusted networks. Captured communications may include user credentials and sensitive session tokens. CVE-2025-8393 has bee...