Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

Cyberattackers Exploit Microsoft SmartScreen Bug in Stealer Campaign

The good news: Only organizations far behind on standard Windows patching have anything to worry about.

DARKReading
Open in Source
#vulnerability#web#ios#windows#apple#google#microsoft#git#pdf#auth#chrome#firefox#sap
Hamster Kombat Players Threatened by Spyware & Infostealers

Players can only access the game by first joining its Telegram channel, with some going astray in copycat channels with hidden malware.

SLiMS CMS 2.0 SQL Injection

SLiMS CMS version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

StarTask CRM 1.9 SQL Injection

StarTask CRM version 1.9 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

UBM CMS 1.2 Insecure Direct Object Reference

UBM CMS version 1.2 suffers from an insecure direct object reference vulnerability.

TAIF LMS 5.8.0 Shell Upload

TAIF LMS version 5.8.0 suffers from a remote shell upload vulnerability.

Vencorp 2.1.1 SQL Injection

Vencorp version 2.1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Telegram App Flaw Exploited to Spread Malware Hidden in Videos

A zero-day security flaw in Telegram's mobile app for Android called EvilVideo made it possible for attackers to malicious files disguised as harmless-looking videos. The exploit appeared for sale for an unknown price in an underground forum on June 6, 2024, ESET said. Following responsible disclosure on June 26, the issue was addressed by Telegram in version 10.14.5 released on July 11. "