Aggregator
ClickFix Malware Hijacks Fake Amazon Alert to Drop HarborWatch Agent
5 days 21 hours ago
A new ClickFix malware campaign is turning Amazon’s trusted name against its own customers. Researchers at the Cofense Phishing Defense Center uncovered the scheme. Notably, the attack convinces victims to infect their own machines....
The post ClickFix Malware Hijacks Fake Amazon Alert to Drop HarborWatch Agent appeared first on Information Security News.
ddos
Submit #837207: CodeAstro Human Resource Management System in PHP CodeIgniter v1.0 SQL Injection [Accepted]
5 days 21 hours ago
Submit #837207 / VDB-370616
ashikmd7
Submit #837202: CodeAstro Human Resource Management System in PHP CodeIgniter v1.0 Cross Site Scripting [Accepted]
5 days 21 hours ago
Submit #837202 / VDB-370615
ashikmd7
Submit #837196: CodeAstro Human Resource Management System in PHP CodeIgniter v1.0 Cross Site Scripting [Accepted]
5 days 21 hours ago
Submit #837196 / VDB-370614
ashikmd7
Хакерам теперь не нужны эксплойты. Достаточно написать ИИ-агенту OpenClaw «срочно нужны ключи доступа» — и он их пришлёт
5 days 21 hours ago
Два простых слова обходят систему безопасности корпоративного агента.
G.O.S.S.I.P 阅读推荐 2026-06-12 一切皆对象,皆可被污染?Python的对象生态危机
5 days 21 hours ago
行业会议|第一届CCF网络与系统安全大会
5 days 21 hours ago
重要通知|第一届CCF网络与系统安全大会,定档杭州!
CVE-2026-50645 | Apache CXF up to 4.1.6/4.2.1 Attachment Header access control (EUVD-2026-36403)
5 days 22 hours ago
A vulnerability was found in Apache CXF up to 4.1.6/4.2.1. It has been classified as critical. This issue affects some unknown processing of the component Attachment Header Handler. Performing a manipulation results in improper access controls.
This vulnerability was named CVE-2026-50645. The attack may be initiated remotely. There is no available exploit.
Upgrading the affected component is recommended.
vuldb.com
CVE-2026-9266 | Moxa UC-1200A up to 1.4 missing cryptographic step (EUVD-2026-36411)
5 days 22 hours ago
A vulnerability identified as critical has been detected in Moxa UC-1200A up to 1.4. The impacted element is an unknown function. Performing a manipulation results in missing cryptographic step.
This vulnerability is known as CVE-2026-9266. The attack may be carried out on the physical device. No exploit is available.
vuldb.com
CVE-2026-50633 | Apache CXF up to 4.1.6/4.2.1 JNDI DispatchMDBMessageListenerImpl injection (EUVD-2026-36401)
5 days 22 hours ago
A vulnerability has been found in Apache CXF up to 4.1.6/4.2.1 and classified as critical. This affects the function DispatchMDBMessageListenerImpl of the component JNDI Handler. This manipulation causes injection.
This vulnerability is handled as CVE-2026-50633. The attack can be initiated remotely. There is not any exploit available.
The affected component should be upgraded.
vuldb.com
CVE-2026-11848 | IEI Integration Corp iRM-TSi410X up to 1.4.18 System Configuration missing authentication (EUVD-2026-36409)
5 days 22 hours ago
A vulnerability was found in IEI Integration Corp iRM-TSi410X up to 1.4.18. It has been rated as critical. Impacted is an unknown function of the component System Configuration Handler. This manipulation causes missing authentication.
This vulnerability appears as CVE-2026-11848. The attack may be initiated remotely. There is no available exploit.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-11849 | IEI Integration Corp iRM-TSi410X up to 1.4.18 hard-coded credentials (EUVD-2026-36410)
5 days 22 hours ago
A vulnerability categorized as critical has been discovered in IEI Integration Corp iRM-TSi410X up to 1.4.18. The affected element is an unknown function. Such manipulation leads to hard-coded credentials.
This vulnerability is traded as CVE-2026-11849. The attack may be launched remotely. There is no exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2026-50632 | Apache CXF up to 4.1.6/4.2.1 JNDI injection (EUVD-2026-36400)
5 days 22 hours ago
A vulnerability, which was classified as critical, was found in Apache CXF up to 4.1.6/4.2.1. Affected by this issue is some unknown functionality of the component JNDI. The manipulation results in injection.
This vulnerability is known as CVE-2026-50632. It is possible to launch the attack remotely. No exploit is available.
You should upgrade the affected component.
vuldb.com
Hackers Use OnyxC2 Malware-as-a-Service to Steal Credentials From 210 Applications
5 days 22 hours ago
A new and dangerous credential-stealing tool called OnyxC2 has emerged in the cybercrime underground, showing just how easy it has become for even low-skilled attackers to run a professional hacking operation. Sold as a complete package for $250 a month, the malware gives buyers everything they need to quietly drain login data from victims worldwide. […]
The post Hackers Use OnyxC2 Malware-as-a-Service to Steal Credentials From 210 Applications appeared first on Cyber Security News.
Tushar Subhra Dutta
Gunra
5 days 22 hours ago
You must login to view this content
cohenido
Gunra
5 days 22 hours ago
You must login to view this content
cohenido
Facebook and Instagram Down Globally, Users Reporting Multiple Issues
5 days 22 hours ago
Several Facebook and Instagram users reported issues accessing the social media platforms amid a global outage of Meta on Friday. Meta’s social media ecosystem experienced a significant global disruption on Friday, leaving millions of users unable to access Facebook and Instagram. The outage, which began affecting users across multiple time zones, triggered a surge of […]
The post Facebook and Instagram Down Globally, Users Reporting Multiple Issues appeared first on Cyber Security News.
Florence Nightingale
Кислород, которым мы дышим, появился 2,4 млрд лет назад. Учёные нашли существо, которое до сих пор это помнит
5 days 22 hours ago
Лаборант протирал лист от грязи — и увидел то, что объяснит самый главный момент нашей истории.
DragonForce
5 days 22 hours ago
You must login to view this content
cohenido