Websense Security Labs ThreatSeeker has received reports of new malicious code that utilizes the YouTube brand to lure users into running the code.

The attack begins with an email lure written in html that invites users to view a video from YouTube. Upon connecting to the site, users are directed to a page that resembles the real YouTube site. The page then reports that the video cannot load and attempts to dupe users into downloading and installing a flash player.

In what could be a disturbing sign of things to come, the site is hosted on a server that has hosted more than one hundred Phishing sites over the last 4 months. This server is managed by the infamous "Rock Phish" group, which is the largest phishing gang on the Internet and which is responsible for the majority of Phishing URL's.
 Read More...

SECUNIA ADVISORY ID: SA27659

VERIFY ADVISORY: http://secunia.com/advisories/27659/

CRITICAL: Moderately critical

IMPACT: Unknown, Security Bypass

WHERE: From remote

OPERATING SYSTEM: rPath Linux 1.x - http://secunia.com/product/10614/

DESCRIPTION: rPath has issued an update for php5. This fixes some vulnerabilities and weaknesses, where some have unknown impacts and others can be exploited to bypass certain security restrictions. This is related to: SA27648
 Read More...

Spam Stopper v 0.2 by Guardian2003
- Please see the BugTraq file within the distro for bug fixes (Thanks to Evaders99)
1   Check incoming referer to see if your own site is listed on the referers site (a form of a back-link check )
2   Check incoming referer to see if the referer contains banned words (viagra, vwar etc)
3   Check incoming referer against several third party referer blacklists
4   Check incoming referer to see if it has an open relay (most spammers can be caught this way)
5   Facility to 'whitelist' domains at will
6   Facility to 'blacklist' domains at will
7   One-click facility to report spammers to the Code Authors spamlist database
8   Facility to report hacking attempts to the Code Authors database
9   Extensive color coded logs to enable admins to see 'at-a-glance' which referers are black/white listed
10  Facility to maintain your own list of 'bad words'
11  Facility to ban domains and also send that data to Nuke Sentinel (tm) blocked IP table to permanently block the domain.

Screenshots

nukeevangelist writes:  

The Nuke-Cast (Shoutcast Status Module) for PHP-Nuke by DJ DiZ-E is fixed to work with Latest PHP-Nuke Patched Series.

Nuke-Cast Version: 1.9.p2 shows the shoutcast server status
Current Listeners
Bitrate
Current song, 9 played songs
Total Listeners
Total hits to server
DJs Icq
DJs Aol IM handle
Average time spent listening
Genre for station
Peak users Stats

papamike writes:  

Today I released PMCCT after months of coding and testing. This is a stable release tested on IE and Firefox with excellent results.

PMCCT is a theme building utility written in PHP. If you have never been able to build your own theme then you can now.

The package comes with 2 sample themes I created during early and later stages of development and one to get you started called ReNameMe.

There is only one file to go to and make your configuration changes. Configuration.php holds all of the settings to change almost every aspect of a theme.

And this is only version 1.0. I have lots of supporting features for later releases. Some are theme add-ons, forum configuration, and more.

PMCCT comes with a indepth tutorial to help you along and you can also get support through my forums.

Go to to become a member and download PMCCT for free.

AS A FOOTNOTE: PMCCT was designed to run on RavenNuke (TM) 76 V2 Only.

Helping to support the Raven community!

The weekly updates have been posted. Get them from Diff Pack and Full Pack.

Read More for additional notes. Read More...