From http://blogs.zdnet.com/

"Could a simple flash file redirector pushing fake security software actually trick a large number of users? Of course, especially when the files are hosted at legitimate services, the message localized to a native language, and the links spammed to millions of users."

Read the entire article Malware and spam attacks exploiting Picasa and ImageShack

Xtrato writes:  

Hello Fellow Members of php nuke community , I'm here to announce to all the our Team , Xtrato Designs , has now completed the new shop for our commercial themes, we invite you all to come and enjoy this new creation.

We would also like to announce that we have new plans for public themes for everyone to enjoy once again.
The new shop site is located Xtrato Designs New Theme Shop. Please note that we will have free themes added to our shop :).

Thank you all for your time and Best Regards from the Xtrato Designs Team.

DBF_Tim writes:  

Available Now! PRO Forms v2.0.0.
13 different input types
Over 50 different admin controlled options
Operates on PHP Nuke database for website integration
Create the custom forms your site needs. Send them as emails, and/or post them to the forums. Read more for a list of some of the features available.
 Read More...

Whoa! Google Chrome has crashed. Restart now? While Google’s Chrome team is cheering, Rishi Narang from Evil Fingers is typing and releasing a proof of concept for a denial of service vulnerability that is successfully crashing the Chrome browser with all tabs.

Read it all!

Websense® Security Labs(TM) ThreatSeeker(TM) Network has discovered a new replica wave of fake celebrity news being sent out via spam emails. Similar to previous attacks related to 'MSNBC.com Breaking News ' and 'Bogus CNN Custom Alerts ', these emails contain links to a malicious Web page on a compromised site, that is designed to encourage users to download a malicious application posing as a video codec. This malicious Web page also holds Iframes leading to an exploit site.

Over the last few days, the ThreatSeeker Network has seen huge volumes of spam wrapped up in CNN and MSNBC themed templates. Recently, email alerts listing different popular events and news articles also encouraged users to download a video codec, which was actually a malicious file.

The malicious payload is only accessed when the user clicks on! the 'READ FULL STORY' link, which takes them to a Web page on a compromised site named index97.html, which issues a pop-up encouraging users to download a 'missing' video codec, a file called video98.exe.

Here are a few examples of the varied subjects we have seen in this campaign:

Sensational news. Check the message. Breaking news! Be the first to know. Very important news. Astonishing Please take a look. Sensational information inside. Check this out. This is a bomb This is really great news. Please check.

Websense Messaging and Websense Web Security customers are protected against this attack.

To view the details of this alert Click here

SECUNIA ADVISORY ID: SA31683

VERIFY ADVISORY: http://secunia.com/advisories/31683/

CRITICAL: Moderately critical

IMPACT: Hijacking, Manipulation of data, Exposure of sensitive information, System access.

SOFTWARE: Invision Power Board 2.x - http://secunia.com/product/3705/

DESCRIPTION: DarkFig has reported some vulnerabilities in Invision Power Board (IP.Board), which can be exploited by malicious users to disclose sensitive information and compromise a vulnerable system, and by malicious people to conduct SQL injection attacks.
 Read More...