432 articles
ThreatFabric tracked a TrickMo variant using The Open Network (TON) for C2 and SOCKS5 proxies to pivot into victim networks, targeting banking and crypto users in France, Italy,...
ICO fined South Staffordshire Water £963,900 after Cl0p ransomware gang leaked data of 663,887 customers — phishing attack went undetected for 20 months.
CVE-2026-36962: Unauthenticated SQL injection in MuuCMF T6 v1.9.4.20260115 lets attackers dump databases, gain admin access, and achieve RCE via file writes.
West Pharmaceutical Services took systems offline globally after a May 4 ransomware attack with data exfiltration. Unit 42 is investigating; ransom may have been paid.
Specops Software explains how cached credentials, Kerberos tickets, and ACL persistence let attackers survive password resets in AD and hybrid Entra ID environments.
CVE-2026-44643 in Angular Expressions <1.5.2 lets attackers escape the sandbox via malicious filter expressions to execute arbitrary code on the system.
CVE-2026-6815 in Casdoor's Local File System storage provider lets authenticated admins traverse paths to write arbitrary files outside the sandbox. No patch yet.
CVE-2026-6093: A SQL injection vulnerability in Corteza's MSSQL backend allows unauthenticated attackers to extract database contents via Compose record meta-field filters.
CVE-2026-6433: Unauthenticated SQL injection in Custom css-js-php plugin ≤2.0.7 lets attackers execute arbitrary PHP via eval(). No patch available.
CVE-2025-61314: Reflected XSS in GmbH Mercury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary JS via a crafted payload in dfm-menu_orderopt.php.
CVE-2025-65417: A reflected XSS flaw in docuFORM Managed Print Service Client 11.11c lets unauthenticated attackers execute arbitrary scripts via the login page.
CVE-2026-5084: WebDyne::Session through 2.075 for Perl generates session IDs from an MD5 hash seeded with rand(), enabling session prediction and hijacking.