Aggregator

Currently trending CVE - Hype Score: 18 - Win32k Elevation of Privilege Vulnerability

Trendyol’s application security team uncovered a series of bypasses that render Meta’s Llama Firewall protections unreliable against sophisticated prompt injection attacks. The findings raise fresh concerns about the readiness of existing LLM security measures and underscore the urgent need for more robust defenses as enterprises increasingly embed large language models into their workflows. During the […]

The post Meta’s Llama Firewall Bypassed Using Prompt Injection Vulnerability appeared first on Cyber Security News.

A vulnerability was found in Dromara Northstar up to 7.3.5. It has been rated as critical. Affected by this issue is the function preHandle of the file northstar-main/src/main/java/org/dromara/northstar/web/interceptor/AuthorizationInterceptor.java of the component Path Handler. The manipulation of the argument Request leads to improper access controls. This vulnerability is handled as CVE-2025-7552. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Лечиться препаратами с Земли — как пить кофе из микроволновки. Уже можно лучше.

OpenAI is reportedly preparing to release an artificial intelligence-enhanced web browser within the coming weeks, marking the company’s latest expansion beyond its popular ChatGPT platform. The new browser will feature integrated AI agent capabilities designed to autonomously handle various online tasks, positioning OpenAI as a direct competitor to traditional browser giants like Google Chrome while […]

The post OpenAI is to Launch a AI Web Browser in Coming Weeks appeared first on Cyber Security News.

Submit #614976 / VDB-316249

A sophisticated supply chain attack has compromised the official GravityForms WordPress plugin, allowing attackers to inject malicious code that enables remote code execution on affected websites. The attack, discovered on July 11, 2025, represents a significant security breach affecting one of WordPress’s most popular form-building plugins, with the malware being distributed directly through the official […]

The post WordPress GravityForms Plugin Hacked to Include Malicious Code appeared first on Cyber Security News.

A vulnerability was found in Tenda FH1201 1.2.0.14(408). It has been declared as critical. Affected by this vulnerability is the function fromPptpUserAdd of the file /goform/PPTPDClient. The manipulation of the argument modino/username leads to stack-based buffer overflow. This vulnerability is known as CVE-2025-7551. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Tenda FH1201 1.2.0.14(408). It has been classified as critical. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer. The manipulation of the argument dips leads to stack-based buffer overflow. This vulnerability is traded as CVE-2025-7550. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Tenda FH1201 1.2.0.14(408) and classified as critical. This issue affects the function frmL7ProtForm of the file /goform/L7Prot. The manipulation of the argument page leads to stack-based buffer overflow. The identification of this vulnerability is CVE-2025-7549. The attack may be initiated remotely. Furthermore, there is an exploit available.

Cybersecurity researchers at the University of Toronto have achieved a breakthrough in hardware-level attacks by successfully demonstrating GPUHammer, the first Rowhammer attack specifically targeting discrete NVIDIA GPUs. The research, which focuses on the popular NVIDIA A6000 GPU with GDDR6 memory, represents a significant expansion of the decade-old Rowhammer vulnerability beyond traditional CPU memories. The research […]

The post GPUHammer – First Rowhammer Attack Targeting NVIDIA GPUs appeared first on Cyber Security News.

Submit #614975 / VDB-316249

Submit #614974 / VDB-316248

Submit #614973 / VDB-316247

NVIDIA is urging customers to enable System-level Error Correction Codes (ECC) as a defense against a variant of a RowHammer attack demonstrated against its graphics processing units (GPUs). "Risk of successful exploitation from RowHammer attacks varies based on DRAM device, platform, design specification, and system settings," the GPU maker said in an advisory released this week. Dubbed

Submit #614977 / VDB-316120

Submit #614972 / VDB-274770

OpenAI is on the cusp of introducing a groundbreaking AI-infused web browser, slated for release in the imminent weeks, as detailed in a recent Reuters report. This innovative browser is poised to embed OpenAI’s Operator AI agent directly into its framework, enabling autonomous functionalities such as reservation bookings, form completions, and a spectrum of user-delegated […]

The post OpenAI Set to Launch AI-Powered Web Browser in the Coming Weeks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability has been found in Tenda FH1201 1.2.0.14(408) and classified as critical. This vulnerability affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. This vulnerability was named CVE-2025-7548. The attack can be initiated remotely. Furthermore, there is an exploit available.

Submit #614883 / VDB-206867