Submit #754671: Wavlink NU516U1 V240425 Stack-based Buffer Overflow [Duplicate]
Submit #754671 / VDB-346172
Aggregator
Submit #754668: Wavlink NU516U1 V240425 Command Injection [Accepted]
1 month ago
Submit #754668 / VDB-349220
haimianbaobao
Ukrainian women fleeing war exploited in multimillion-dollar gambling fraud scheme
1 month ago
A criminal network in Spain exploited dozens of Ukrainian women displaced by Russia’s war to carry out a multimillion-dollar fraud gambling scheme, Europol said Thursday.
Submit #748710: HSC Cybersecurity mailinspector 5.3.2-3 Cross Site Scripting [Accepted]
1 month ago
Submit #748710 / VDB-349219
gabriel
Любой пользователь — админ. Коротко о критической дыре в библиотеке pac4j-jwt
1 month ago
Уязвимость CVE-2026-29000 получила 10 баллов по шкале CVSS.
Phobos ransomware leader facing 20 years in prison after pleading guilty to hacking charges
1 month ago
Ptitsyn and several others began using the Phobos ransomware in November 2020, attacking more than 1,000 organizations around the world. He was arrested in South Korea and extradited in November 2024.
Qilin
1 month ago
You must login to view this content
cohenido
Qilin
1 month ago
You must login to view this content
cohenido
Qilin
1 month ago
You must login to view this content
cohenido
Qilin
1 month ago
You must login to view this content
cohenido
Qilin
1 month ago
You must login to view this content
cohenido
Qilin
1 month ago
You must login to view this content
cohenido
CASI Leaderboard Shifts: Sugar-Coated Poison, and the Expanding AI Attack Surface
1 month ago
AI Security Insights – March 2026
Phobos ransomware leader pleads guilty, faces up to 20 years in prison
1 month ago
The 43-year-old Russian national ran a ransomware operation that impacted more than 1,000 victims globally. The conspiracy netted more than $39 million in extortion payments.
The post Phobos ransomware leader pleads guilty, faces up to 20 years in prison appeared first on CyberScoop.
Matt Kapko
Suspected DPRK Threat Actors Compromise Crypto Firms, Steal Keys and Cloud Assets in Coordinated Attacks
1 month ago
A coordinated campaign targeting cryptocurrency organizations has drawn attention from the security community, with evidence pointing to threat actors potentially linked to North Korea’s state-sponsored hacking operations. The attackers moved systematically across multiple tiers of the crypto supply chain — hitting staking platforms, exchange software providers, and the exchanges themselves — making off with proprietary […]
The post Suspected DPRK Threat Actors Compromise Crypto Firms, Steal Keys and Cloud Assets in Coordinated Attacks appeared first on Cyber Security News.
Tushar Subhra Dutta
Журналист взломал ChatGPT выдуманным рейтингом по поеданию хот-догов
1 month ago
Оказывается, ИИ можно заставить повторять любую выдумку, просто опубликовав её в сети.
PleaseFix Flaw Lets Hackers Access 1Password Vault via Comet AI Browser
1 month ago
Researchers at Zenity Labs uncover PleaseFix flaws in Perplexity’s Comet browser. See how zero-click calendar invites allow AI agents to steal 1Password credentials and personal files.
Deeba Ahmed
CVE-2026-3606 | Ettercap 0.8.4-Garofalo etterfilter ef_output.c add_data_segment out-of-bounds (Issue 1297)
1 month ago
A vulnerability, which was classified as problematic, has been found in Ettercap 0.8.4-Garofalo. Affected by this vulnerability is the function add_data_segment of the file src/ettercap/utils/etterfilter/ef_output.c of the component etterfilter. The manipulation leads to out-of-bounds read.
This vulnerability is uniquely identified as CVE-2026-3606. Local access is required to approach this attack. Moreover, an exploit is present.
The project was informed of the problem early through an issue report but has not responded yet.
vuldb.com
Сначала взламывают камеру. Потом прилетает ракета. Иран отработал схему — и запускает её снова
1 month ago
После ракетных ударов Иран совершил сотни хакерских атак на камеры видеонаблюдения.
CVE-2026-3009 | Keycloak IdentityBrokerService improper authentication
1 month ago
A vulnerability classified as critical was found in Keycloak. Affected is an unknown function of the component IdentityBrokerService. Executing a manipulation can lead to improper authentication.
This vulnerability is handled as CVE-2026-3009. The attack can only be done within the local network. There is not any exploit available.
vuldb.com