NUT-14 allows cashu tokens to be created with a preimage hash. However, nutshell (cashubtc/nuts) before 0.18.0 do not validate the size of preimage when the token is spent. The preimage is stored by the mint and attacker can exploit this vulnerability to fill the mint's db nd disk with arbitrary data.

CVE Database V5

Detailed information about CVE-2025-65548: n/a. Get real-time updates, technical details, and mitigation strategies.

CVE-2025-65548: n/a - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-65548: n/a

Client-side template injection (CSTI) in Azuriom CMS admin dashboard allows a low-privilege user to execute arbitrary template code in the context of an administrator's session. This can occur via plugins or dashboard components that render untrusted user input, potentially enabling privilege escalation to an administrative account. Fixed in Azuriom 1.2.7.

Detailed information about CVE-2025-65271: n/a. Get real-time updates, technical details, and mitigation strategies.

CVE-2025-65271: n/a - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-65271: n/a

A critical vulnerability in Microsoft's Windows Server Update Services (WSUS) allows unauthenticated remote code execution with system privileges. Initially patched on October 14, 2025, the flaw required an emergency update on October 23 due to incomplete mitigation. Active exploitation was observed within hours of the patch release. The vulnerability affects Windows Server 2012 to 2025 with WSUS role enabled. Attacks focus on initial access and reconnaissance, targeting exposed WSUS instances on ports 8530 and 8531. Attackers execute malicious PowerShell commands to gather network intelligence and exfiltrate data. Approximately 5,500 WSUS instances are exposed globally, presenting a significant attack surface for broader network compromise.

AlienVault OTX General

Detailed information about Microsoft WSUS Remote Code Execution (CVE-2025-59287) Actively Exploited in the Wild (Updated November 3). Get real-time updates, tec

Microsoft WSUS Remote Code Execution (CVE-2025-59287) Actively Exploited in the Wild (Updated November 3) - Live Threat Intelligence - Threat Radar | OffSeq.com

Microsoft WSUS Remote Code Execution (CVE-2025-59287) Actively Exploited in the Wild (Updated November 3)

A new campaign leveraging JS#SMUGGLER techniques is distributing the NetSupport RAT malware through compromised websites targeting Windows users. The attack involves malicious JavaScript payloads that bypass traditional detection by smuggling code to deliver the remote access trojan. Once infected, systems can be remotely controlled by attackers, risking data confidentiality, integrity, and availability. This campaign is currently observed in the wild but with minimal discussion and no known exploits reported yet. European organizations using Windows systems and frequently accessing web resources are at risk, especially those in sectors targeted by RATs for espionage or disruption. Mitigation requires advanced web filtering, endpoint detection tuned for RAT behaviors, and user awareness to avoid suspicious sites. Countries with high Windows usage and strategic importance in cyber espionage are more likely to be affected. The threat severity is assessed as medium due to the complexity of exploitation and the potential impact on affected systems. Defenders should prioritize monitoring for unusual network activity and implement layered defenses against web-based malware delivery.

The JS#SMUGGLER campaign represents a sophisticated web-based attack vector that delivers the NetSupport Remote Access Trojan (RAT) to Windows systems via infected or compromised websites. JS#SMUGGLER is a technique that obfuscates malicious JavaScript payloads to evade detection by security tools, effectively smuggling code past filters and scanners. In this campaign, attackers inject or compromise legitimate websites to host these obfuscated scripts, which when visited by users, execute and silently download the NetSupport RAT onto the victim's machine. NetSupport RAT is a well-known remote access tool often abused by threat actors to gain persistent control over infected hosts, enabling data exfiltration, credential theft, surveillance, and lateral movement within networks. The campaign was recently reported on Reddit's InfoSecNews subreddit with minimal discussion, indicating it may be in early stages or low visibility. No specific affected software versions or patches are identified, and no known exploits are currently documented in the wild. The campaign's reliance on web-based infection vectors and Windows targets aligns with common attack patterns aimed at broad infection and stealthy persistence. The obfuscation via JS#SMUGGLER complicates detection by traditional antivirus and web filters, requiring advanced heuristic and behavioral analysis to identify. This threat highlights the ongoing risk posed by compromised websites as malware distribution platforms and the need for vigilance in web browsing security.

Reddit InfoSec News

Detailed information about Windows Users Watch Out: New JS#SMUGGLER Campaign Drops NetSupport RAT Through Infected Sites. Get real-time updates, technical detai

Windows Users Watch Out: New JS#SMUGGLER Campaign Drops NetSupport RAT Through Infected Sites - Live Threat Intelligence - Threat Radar | OffSeq.com

Windows Users Watch Out: New JS#SMUGGLER Campaign Drops NetSupport RAT Through Infected Sites

Reddit Discussion: Windows Users Watch Out: New JS#SMUGGLER Campaign Drops NetSupport RAT Through Infected Sites

The Litmus platform uses JWT for authentication and authorization, but the secret being used for signing the JWT is only 6 bytes long at its core, which makes it extremely easy to crack.

Detailed information about CVE-2025-14261: CWE-331 Insufficient Entropy in Litmuschaos litmus affecting Litmuschaos litmus. Get real-time updates, technical det

CVE-2025-14261: CWE-331 Insufficient Entropy in Litmuschaos litmus

CVE-2025-14261: CWE-331 Insufficient Entropy in Litmuschaos litmus

Description

Technical Details

Community Reviews

Related Threats

CVE-2025-65548: n/a

CVE-2025-65271: n/a

CVE-2025-64081: n/a

CVE-2025-14259: SQL Injection in Jihai Jshop MiniProgram Mall System

CVE-2025-65804: n/a

Actions

External Links

Need enhanced features?

Latest Threats

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility