Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

Computer Laboratory Management 1.0 SQL Injection

Computer Laboratory Management version 1.0 suffers from a remote authenticated SQL injection vulnerability.

Packet Storm
Open in Source
#sql#vulnerability#web#windows#apple#php#auth#chrome#webkit
Gas Agency Management 2022 Cross Site Request Forgery

Gas Agency Management version 2022 suffers from a cross site request forgery vulnerability.

Garden Gate 2.6 SQL Injection

Garden Gate version 2.6 suffers from a remote SQL injection vulnerability.

How Phishing Attacks Adapt Quickly to Capitalize on Current Events

In 2023, no fewer than 94 percent of businesses were impacted by phishing attacks, a 40 percent increase compared to the previous year, according to research from Egress. What's behind the surge in phishing? One popular answer is AI – particularly generative AI, which has made it trivially easier for threat actors to craft content that they can use in phishing campaigns, like malicious emails

EastWind Attack Deploys PlugY and GrewApacha Backdoors Using Booby-Trapped LNK Files

The Russian government and IT organizations are the target of a new campaign that delivers a number of backdoors and trojans as part of a spear-phishing campaign codenamed EastWind. The attack chains are characterized by the use of RAR archive attachments containing a Windows shortcut (LNK) file that, upon opening, activates the infection sequence, culminating in the deployment of malware such

Researchers Uncover 10 Flaws in Google's File Transfer Tool Quick Share

As many as 10 security flaws have been uncovered in Google's Quick Share data transfer utility for Android and Windows that could be assembled to trigger remote code execution (RCE) chain on systems that have the software installed. "The Quick Share application implements its own specific application-layer communication protocol to support file transfers between nearby, compatible devices,"

New Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions

An ongoing, widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed via fake websites masquerading as popular software. "The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches to more sophisticated malicious scripts that deliver local extensions to steal private data