Versatile Malware Loader pkr_mtsi Delivers Diverse Payloads
Malicious Windows packer named pkr_mtsi used as a flexible malware loader in malvertising campaigns
Aggregator
Brazilian Firm Futurize Sistemas Breached
5 months 1 week ago
You must login to view this content
cohenido
Ransomware Hits a Claims Giant: What the Sedgwick Breach Reveals About Modern Extortion Attacks
5 months 1 week ago
A recent breach disclosure reveals that claims management firm Sedgwick was targeted by the TridentLocker ransomware group, with attackers claiming to have exfiltrated sensitive data from systems supporting its government services operations before deploying ransomware, according to Cybersecurity News. While Sedgwick has not disclosed full technical details, the incident follows a well-established ransomware playbook. Attackers
The post Ransomware Hits a Claims Giant: What the Sedgwick Breach Reveals About Modern Extortion Attacks appeared first on Seceon Inc.
The post Ransomware Hits a Claims Giant: What the Sedgwick Breach Reveals About Modern Extortion Attacks appeared first on Security Boulevard.
Kriti Tripathi
Windows Packer pkr_mtsi Powers Widespread Malvertising Campaigns Delivering Multiple Malware Families
5 months 1 week ago
A sophisticated Windows packer known as pkr_mtsi has emerged as a powerful tool for delivering multiple malware families through widespread malvertising campaigns. First detected on April 24, 2025, this malicious packer continues to operate actively, distributing trojanized installers disguised as legitimate software applications. The packer targets popular tools including PuTTY, Rufus, and Microsoft Teams, using […]
The post Windows Packer pkr_mtsi Powers Widespread Malvertising Campaigns Delivering Multiple Malware Families appeared first on Cyber Security News.
Tushar Subhra Dutta
Microsoft: Classic Outlook bug prevents opening encrypted emails
5 months 1 week ago
Microsoft has confirmed a known issue that prevents recipients from opening encrypted emails in classic Outlook. [...]
Sergiu Gatlan
CVE-2025-69346 | WPCenter AffiliateX Plugin up to 1.3.9.3 on WordPress authorization (EUVD-2026-0950 / CNNVD-202601-992)
5 months 1 week ago
A vulnerability identified as critical has been detected in WPCenter AffiliateX Plugin up to 1.3.9.3 on WordPress. This impacts an unknown function. This manipulation causes missing authorization.
This vulnerability appears as CVE-2025-69346. The attack may be initiated remotely. There is no available exploit.
vuldb.com
CVE-2025-69348 | CoolHappy Events Calendar Countdown Addon Plugin up to 1.4.15 on WordPress authorization (EUVD-2026-0949 / CNNVD-202601-991)
5 months 1 week ago
A vulnerability labeled as critical has been found in CoolHappy Events Calendar Countdown Addon Plugin up to 1.4.15 on WordPress. Affected is an unknown function. Such manipulation leads to missing authorization.
This vulnerability is traded as CVE-2025-69348. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-69336 | bdthemes Ultimate Store Kit Elementor Addons Plugin up to 2.9.4 on WordPress authorization (CNNVD-202601-994)
5 months 1 week ago
A vulnerability was found in bdthemes Ultimate Store Kit Elementor Addons Plugin up to 2.9.4 on WordPress. It has been declared as critical. The affected element is an unknown function. Executing a manipulation can lead to missing authorization.
This vulnerability is registered as CVE-2025-69336. It is possible to launch the attack remotely. No exploit is available.
vuldb.com
CVE-2025-69341 | BuddhaThemes WeDesignTech Ultimate Booking Addon Plugin up to 1.0.3 on WordPress authorization (CNNVD-202601-995)
5 months 1 week ago
A vulnerability was found in BuddhaThemes WeDesignTech Ultimate Booking Addon Plugin up to 1.0.3 on WordPress. It has been rated as critical. The impacted element is an unknown function. The manipulation leads to missing authorization.
This vulnerability is documented as CVE-2025-69341. The attack can be initiated remotely. There is not any exploit available.
vuldb.com
CVE-2025-69345 | BoldGrid Post and Page Builder Plugin up to 1.27.9 on WordPress authorization (EUVD-2026-0961 / CNNVD-202601-993)
5 months 1 week ago
A vulnerability categorized as critical has been discovered in BoldGrid Post and Page Builder Plugin up to 1.27.9 on WordPress. This affects an unknown function. The manipulation results in missing authorization.
This vulnerability is reported as CVE-2025-69345. The attack can be launched remotely. No exploit exists.
vuldb.com
CVE-2025-69342 | VanKarWai Calafate Plugin up to 1.7.7 on WordPress filename control (CNNVD-202601-996)
5 months 1 week ago
A vulnerability, which was classified as critical, has been found in VanKarWai Calafate Plugin up to 1.7.7 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to improper control of filename for include/require statement in php program ('php remote file inclusion').
This vulnerability is referenced as CVE-2025-69342. Remote exploitation of the attack is possible. No exploit is available.
vuldb.com
ownCloud Urges Users to Enable Multi-Factor Authentication Following Credential Theft
5 months 1 week ago
ownCloud has urgently urged users of its Community Edition to enable multi-factor authentication (MFA). A threat intelligence report from Hudson Rock highlighted incidents in which attackers compromised self-hosted file-sharing platforms, including some ownCloud deployments, but ownCloud stresses that its platform itself remains unbreached. Hudson Rock’s analysis revealed no zero-day exploits or vulnerabilities in ownCloud’s architecture. […]
The post ownCloud Urges Users to Enable Multi-Factor Authentication Following Credential Theft appeared first on Cyber Security News.
Guru Baran
CrazyHunter Ransomware Attacking Healthcare Sector with Advanced Evasion Techniques
5 months 1 week ago
CrazyHunter ransomware has emerged as a critical and evolving threat that specifically targets healthcare organizations and sensitive medical infrastructure. This Go-developed malware represents a significant escalation in ransomware sophistication, employing advanced encryption methods and delivery mechanisms designed to bypass modern security defenses. Healthcare institutions in Taiwan have experienced repeated attacks, with at least six known […]
The post CrazyHunter Ransomware Attacking Healthcare Sector with Advanced Evasion Techniques appeared first on Cyber Security News.
Tushar Subhra Dutta
CVE-2020-36907 | Aerohive HiveOS up to 11.x NetConfig UI action.php5 allocation of resources (Exploit 48441 / EUVD-2026-1030)
5 months 1 week ago
A vulnerability classified as problematic was found in Aerohive HiveOS up to 11.x. Impacted is an unknown function of the file action.php5 of the component NetConfig UI. The manipulation results in allocation of resources.
This vulnerability is identified as CVE-2020-36907. The attack can be executed remotely. Additionally, an exploit exists.
vuldb.com
CVE-2020-36914 | Shenzhen Xingmeng Qihang Media QiHang Media Web Digital Signage 3.0.9.0 cleartext transmission (ZSL-2020-5578 / EUVD-2026-1023)
5 months 1 week ago
A vulnerability was found in Shenzhen Xingmeng Qihang Media QiHang Media Web Digital Signage 3.0.9.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cleartext transmission of sensitive information.
This vulnerability is documented as CVE-2020-36914. The attack requires being on the local network. There is not any exploit available.
vuldb.com
CVE-2020-36908 | Secure Computing SnapGear Management Console SG560 3.1.5 cross-site request forgery (Exploit 48554 / EUVD-2026-1027)
5 months 1 week ago
A vulnerability, which was classified as problematic, has been found in Secure Computing SnapGear Management Console SG560 3.1.5. This impacts an unknown function. Performing a manipulation results in cross-site request forgery.
This vulnerability is identified as CVE-2020-36908. The attack can be initiated remotely. There is not any exploit available.
vuldb.com
CVE-2020-36906 | P5 FNIP-8x16A/FNIP-4xSH 1.0.11/1.0.20 cross-site request forgery (Exploit 48362 / EUVD-2026-1028)
5 months 1 week ago
A vulnerability was found in P5 FNIP-8x16A and FNIP-4xSH 1.0.11/1.0.20 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation results in cross-site request forgery.
This vulnerability is cataloged as CVE-2020-36906. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2026-0641 | TOTOLINK WA300 5.2cu.7112_B20190227 cstecgi.cgi sub_401510 UPLOAD_FILENAME command injection (EUVD-2026-0958)
5 months 1 week ago
A vulnerability, which was classified as critical, has been found in TOTOLINK WA300 5.2cu.7112_B20190227. This vulnerability affects the function sub_401510 of the file cstecgi.cgi. The manipulation of the argument UPLOAD_FILENAME leads to command injection.
This vulnerability is listed as CVE-2026-0641. The attack may be initiated remotely. In addition, an exploit is available.
vuldb.com
Go jump in a lake: Measuring the data lake effect on your SIEM
5 months 1 week ago
Our deep dive into SIEM architecture gets to the bottom of why storing security data has gotten so expensive and how data lakes can save money
Brian Davis
Akira
5 months 1 week ago
You must login to view this content
cohenido