A vulnerability was found in NoxxieNl Criminals. It has been classified as critical. Affected is an unknown function of the file ingame/roulette.php. The manipulation of the argument gambleMoney leads to sql injection. The name of the patch is 0a60b31271d4cbf8babe4be993d2a3a1617f0897. It is recommended to apply a patch to fix this issue. VDB-218022 is the identifier assigned to this vulnerability.
Daily Archives: January 11, 2023
CVE-2014-125075
A vulnerability was found in gmail-servlet and classified as critical. This issue affects the function search of the file src/Model.java. The manipulation leads to sql injection. The name of the patch is 5d72753c2e95bb373aa86824939397dc25f679ea. It is recommended to apply a patch to fix this issue. The identifier VDB-218021 was assigned to this vulnerability.
Study shows attackers can use ChatGPT to significantly enhance phishing and BEC scams
Security researchers have used the GPT-3 natural language generation model and the ChatGPT chatbot based on it to show how such deep learning models can be used to make social engineering attacks such as phishing or business email compromise scams harder to detect and easier to pull off.
The study, by researchers with security firm WithSecure, demonstrates that not only can attackers generate unique variations of the same phishing lure with grammatically correct and human-like written text, but they can build entire email chains to make their emails more convincing and can even generate messages using the writing style of real people based on provided samples of their communications.
New APT Dark Pink Hits Asia-Pacific, Europe With Spear Phishing Tactics
The group began operations as early as mid-2021, but its activity increased in mid-to-late 2022
Multiple Danish Banks Disrupted By DDoS Cyber-Attack
The attack also affected IT financial industry solutions developer Bankdata
CVE-2013-10010
A vulnerability classified as problematic has been found in zerochplus. This affects the function PrintResList of the file test/mordor/thread.res.pl. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is 9ddf9ecca8565341d8d26a3b2f64540bde4fa273. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218007.
Sensitive Files From San Francisco Transit Police Allegedly Leaked
The leaked files include some 120,000 files, with specific allegations of child abuse
yarnpkg-1.22.19-3.fc37
FEDORA-2023-ce8943223c
Packages in this update:
yarnpkg-1.22.19-3.fc37
Update description:
Add patches for CVE-2021-43138, CVE-2022-3517, CVE-2020-7677
yarnpkg-1.22.19-3.fc36
FEDORA-2023-18fd476362
Packages in this update:
yarnpkg-1.22.19-3.fc36
Update description:
Add patches for CVE-2021-43138, CVE-2022-3517, CVE-2020-7677
CVE-2014-125074
A vulnerability was found in Nayshlok Voyager. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file Voyager/src/models/DatabaseAccess.java. The manipulation leads to sql injection. The name of the patch is f1249f438cd8c39e7ef2f6c8f2ab76b239a02fae. It is recommended to apply a patch to fix this issue. The identifier VDB-218005 was assigned to this vulnerability.