Aggregator

CVE-2025-51654 | SEMCMS 5.0 SEMCMS_Infocategories.php pid sql injection

1 week ago

A vulnerability was found in SEMCMS 5.0. It has been declared as critical. This vulnerability affects unknown code of the file SEMCMS_Infocategories.php. The manipulation of the argument pid leads to sql injection. This vulnerability was named CVE-2025-51654. The attack can be initiated remotely. There is no exploit available.

vuldb.com

CVE-2025-51653 | SEMCMS 5.0 SEMCMS_ct.php pid sql injection (EUVD-2025-21371)

VulDB Recent Entries

1 week ago

A vulnerability was found in SEMCMS 5.0. It has been classified as critical. This affects an unknown part of the file SEMCMS_ct.php. The manipulation of the argument pid leads to sql injection. This vulnerability is uniquely identified as CVE-2025-51653. It is possible to initiate the attack remotely. There is no exploit available.

vuldb.com

CVE-2025-51652 | SEMCMS 5.0 SEMCMS_Categories.php pid sql injection (EUVD-2025-21372)

VulDB Recent Entries

1 week ago

A vulnerability was found in SEMCMS 5.0 and classified as critical. Affected by this issue is some unknown functionality of the file SEMCMS_Categories.php. The manipulation of the argument pid leads to sql injection. This vulnerability is handled as CVE-2025-51652. The attack may be launched remotely. There is no exploit available.

vuldb.com

CVE-2025-53014 | ImageMagick up to 6.9.13-25/7.1.1 InterpretImageFilename out-of-bounds (GHSA-hm4x-r5hc-794f / EUVD-2025-21380)

VulDB Recent Entries

1 week ago

A vulnerability has been found in ImageMagick up to 6.9.13-25/7.1.1 and classified as problematic. Affected by this vulnerability is the function InterpretImageFilename. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2025-53014. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2025-52363 | Tenda CP3 Pro 22.5.4.93 /etc/passwd weak password hash (EUVD-2025-21383)

VulDB Recent Entries

1 week ago

A vulnerability, which was classified as problematic, was found in Tenda CP3 Pro 22.5.4.93. Affected is an unknown function of the file /etc/passwd. The manipulation leads to password hash with insufficient computational effort. This vulnerability is traded as CVE-2025-52363. It is possible to launch the attack on the local host. There is no exploit available.

vuldb.com

New MITRE framework takes aim at crypto threats

Help Net Security

1 week ago

MITRE has introduced AADAPT (Adversarial Actions in Digital Asset Payment Technologies), a new cybersecurity framework designed to tackle vulnerabilities in digital financial ecosystems, including cryptocurrency platforms. Modeled after the MITRE ATT&CK framework, AADAPT offers developers, policymakers, and financial institutions a structured approach to identifying, analyzing, and mitigating threats tied to digital asset payment technologies. Drawing on insights from over 150 sources across government, industry, and academia, the framework maps adversarial tactics, techniques, and procedures (TTPs) … More →

The post New MITRE framework takes aim at crypto threats appeared first on Help Net Security.

Industry News

Interlock ransomware adopts new FileFix attack to push malware

Bleeping Computer.

1 week ago

Hackers have adopted the new technique called 'FileFix' in Interlock ransomware attacks to drop a remote access trojan (RAT) on targeted systems. [...]

Bill Toulas

Kairos

Dark Feed IO

1 week ago

You must login to view this content

cohenido

Dread Darknet Markets News 07/14/2025

Dark Web Informer - Cyber Threat Intelligence

1 week ago

Dread Darknet Markets News 07/14/2025

Dark Web Informer - Cyber Threat Intelligence

VMware security advisory (AV25-422)

CCCS - Alerts and advisories

1 week ago

Canadian Centre for Cyber Security

Louis Vuitton UK Hit by Cyberattack, Third LVMH Breach in 3 Months

Hack Read

1 week ago

Louis Vuitton UK suffers cyberattack exposing customer data, marking the third LVMH breach in 3 months as retail sector faces ongoing security threats.

Waqas

Piracy sites for Nintendo Switch, PS4 games taken down by FBI

The Record

1 week ago

Last week, the FBI’s Atlanta field office announced the seizure of nsw2u.com, nswdl.com, game-2u.com, bigngame.com, ps4pkg.com, ps4pkg.net and mgnetu.com — placing FBI banners on all of the sites.

谷歌推出Google Drive桌面端全新界面：统一视图集成文件、同步与通知功能

安全客

1 week ago

安全客

Git - GitHub Cheatsheet

Dark Web Informer - Cyber Threat Intelligence

1 week ago

Git - GitHub Cheatsheet

Dark Web Informer - Cyber Threat Intelligence

Время "тикает" по-новому. Часы научились ловить то, что прячется от всей Вселенной

Securitylab.ru

1 week ago

Ядерные часы — как микроскоп для космоса.

Interlock ransomware group deploys new PHP-based RAT via FileFix

Security Affairs

1 week ago

Interlock ransomware group deploys new PHP-based RAT via FileFix (a ClickFix variant) in a widespread campaign targeting multiple industries. The Interlock ransomware group is deploying a new PHP-based variant of the Interlock RAT in a broad campaign. According to researchers from the DFIR Report, in partnership with Proofpoint, it uses a delivery method known as FileFix, […]

Pierluigi Paganini

GPUHammer 攻击揭示人工智能与云计算领域的新安全风险

安全客

1 week ago

安全客

红牛招聘骗局曝光：网络钓鱼活动冒充知名品牌，采用“慢性诱骗”手法窃取凭据

安全客

1 week ago

安全客

Survey Finds AI Adoption Outpacing Security Readiness

Security Boulevard

1 week ago

As organizations continue to deploy AI, security professionals find themselves confronting critical gaps in their level of preparedness, according to F5's 2025 State of AI Application Strategy Report.

The post Survey Finds AI Adoption Outpacing Security Readiness appeared first on Security Boulevard.

George V. Hulme

Fortinet FortiWeb曝严重漏洞：POC已公开，或被远程执行攻击

安全客

1 week ago

安全客

Aggregator

Managed ad