Aggregator

Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord

The Hackers News
4 days 5 hours ago
Cryptocurrency users are the target of an ongoing social engineering campaign that employs fake startup companies to trick users into downloading malware that can drain digital assets from both Windows and macOS systems. "These malicious operations impersonate AI, gaming, and Web3 firms using spoofed social media accounts and project documentation hosted on legitimate platforms like Notion and
The Hacker News

INE Security Unveiled Enhanced eMAPT Certification

Cyber Security News
4 days 5 hours ago

Cary, North Carolina, July 10th, 2025, CyberNewsWire Industry’s Most Comprehensive Mobile Application Penetration Testing Program Addresses Real-World Mobile Security Challenges. INE Security, a leading provider of cybersecurity education and cybersecurity certifications, today launched its significantly enhanced eMAPT (Mobile Application Penetration Testing) certification. The updated certification delivers the industry’s most comprehensive and practical approach to mobile application […]

The post INE Security Unveiled Enhanced eMAPT Certification appeared first on Cyber Security News.

Cybernewswire

Critical Linux Kernel’ Double Free Vulnerability Let Attackers Escalate Privileges

Cyber Security News
4 days 5 hours ago

A severe double-free vulnerability has been discovered in the Linux kernel’s NFT (netfilter) subsystem, specifically within the pipapo set module.  This critical security flaw allows unprivileged attackers to achieve local privilege escalation by exploiting kernel memory corruption through specially crafted netlink messages. Key Takeaways1. Double-free bug in Linux kernel's NFT subsystem (versions 5.6-rc1 to 6.13-rc3) […]

The post Critical Linux Kernel’ Double Free Vulnerability Let Attackers Escalate Privileges appeared first on Cyber Security News.

Guru Baran

CVE-2024-36697 | Allworx System Software 9.1.9.12 Admin Login Page query.asp SessionID cross site scripting

VulDB Recent Entries
4 days 5 hours ago
A vulnerability classified as problematic has been found in Allworx System Software 9.1.9.12. Affected is an unknown function of the file query.asp of the component Admin Login Page. The manipulation of the argument SessionID leads to cross site scripting. This vulnerability is traded as CVE-2024-36697. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com

CVE-2025-6211 | run-llama llama_index up to 0.3.0 MD5 Hash DocugamiReader expected behavior violation (EUVD-2025-20993)

VulDB Recent Entries
4 days 5 hours ago
A vulnerability was found in run-llama llama_index up to 0.3.0. It has been rated as critical. This issue affects the function DocugamiReader of the component MD5 Hash Handler. The manipulation leads to expected behavior violation. The identification of this vulnerability is CVE-2025-6211. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-5040 | Autodesk Revit prior 2024.3.3/2025.4.2/2026.2 RTE File Parser heap-based overflow (EUVD-2025-20991)

VulDB Recent Entries
4 days 5 hours ago
A vulnerability was found in Autodesk Revit. It has been declared as critical. This vulnerability affects unknown code of the component RTE File Parser. The manipulation leads to heap-based buffer overflow. This vulnerability was named CVE-2025-5040. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-5037 | Autodesk Revit prior 2024.3.3/2025.4.2/2026.2 RFA File Parser buffer overflow (EUVD-2025-20992)

VulDB Recent Entries
4 days 5 hours ago
A vulnerability was found in Autodesk Revit. It has been classified as critical. This affects an unknown part of the component RFA File Parser. The manipulation leads to buffer overflow. This vulnerability is uniquely identified as CVE-2025-5037. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

INE Security Launches Enhanced eMAPT Certification

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
4 days 5 hours ago

Cary, North Carolina, July 10th, 2025, CyberNewsWire Industry’s Most Comprehensive Mobile Application Penetration Testing Program Addresses Real-World Mobile Security Challenges. INE Security, a leading provider of cybersecurity education and cybersecurity certifications, today launched its significantly enhanced eMAPT (Mobile Application Penetration Testing) certification. The updated certification delivers the industry’s most comprehensive and practical approach to mobile […]

The post INE Security Launches Enhanced eMAPT Certification appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

CyberNewswire

INC

Dark Feed IO
4 days 5 hours ago

You must login to view this content

cohenido

GitLab Vulnerabilities Let Attackers Execute Actions by Injecting Malicious Content

Cyber Security News
4 days 5 hours ago

GitLab has released critical security patches across multiple versions to address several high-severity vulnerabilities that could allow attackers to execute unauthorized actions through malicious content injection.  The latest patch releases 18.1.2, 18.0.4, and 17.11.6 for both Community Edition (CE) and Enterprise Edition (EE) contain essential security fixes that require immediate attention from all self-managed GitLab […]

The post GitLab Vulnerabilities Let Attackers Execute Actions by Injecting Malicious Content appeared first on Cyber Security News.

Guru Baran

CVE-2025-48952

CVE Trends
4 days 5 hours ago
Currently trending CVE - Hype Score: 10 - NetAlertX is a network, presence scanner, and alert framework. Prior to version 25.6.7, a vulnerability in the authentication logic allows users to bypass password verification using SHA-256 magic hashes, due to loose comparison in PHP. In vulnerable versions of the application, ...

Managed ad