Aggregator

CVE-2025-8738 | zlt2000 microservices-platform up to 6.0.0 Spring Actuator Interface /actuator information disclosure (Issue 79 / EUVD-2025-24015)

Vuldb Updates
1 month ago
A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /actuator of the component Spring Actuator Interface. The manipulation leads to information disclosure. This vulnerability was named CVE-2025-8738. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.
vuldb.com

CVE-2025-8739 | zhenfeng13 My-Blog up to 1.0.0 /admin/tags/save tagName cross-site request forgery (Issue 145 / EUVD-2025-24019)

Vuldb Updates
1 month ago
A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0 and classified as problematic. This issue affects some unknown processing of the file /admin/tags/save. The manipulation of the argument tagName leads to cross-site request forgery. The identification of this vulnerability is CVE-2025-8739. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

永安在线金融行业案例

信息安全知识库
1 month ago
本文链接


银行反洗钱方案案例 银行黄牛攻防系统搭建方案案例 银行反营销欺诈解决方案 保险业务安全建设方案案例 保险营销反欺诈方案案例 保险营销发欺诈方案案例 证券反欺诈解决方案案例 证券数据资产泄露解决方案

永安在线金融行业案例

不安全
1 month ago
本文介绍了金融行业的安全解决方案案例,包括银行的反洗钱、黄牛攻防及营销欺诈防范,保险业务的安全建设与营销反欺诈措施,以及证券领域的反欺诈和数据资产保护方案。

Supply Chain Alert: Malicious Go Packages Found Targeting Windows and Linux

Penetration Testing Tools - Metepreter.org
1 month ago

Cybersecurity researchers have uncovered 11 malicious Go packages designed to download additional components from remote servers and execute them on both Windows and Linux systems. According to Socket researcher Olivia Brown, during execution the...

The post Supply Chain Alert: Malicious Go Packages Found Targeting Windows and Linux appeared first on Penetration Testing Tools.

ddos

CastleBot Malware-as-a-Service Deploys Range of Payloads Linked to Ransomware Attacks

Cyber Security News
1 month ago

A sophisticated new malware framework named CastleBot has emerged as a significant threat to cybersecurity, operating as a Malware-as-a-Service (MaaS) platform that enables cybercriminals to deploy diverse malicious payloads ranging from infostealers to backdoors linked to ransomware attacks. First appearing in early 2025, the malware has demonstrated remarkable adaptability and technical sophistication, with activity levels […]

The post CastleBot Malware-as-a-Service Deploys Range of Payloads Linked to Ransomware Attacks appeared first on Cyber Security News.

Tushar Subhra Dutta

French firm Bouygues Telecom suffered a data breach impacting 6.4M customers

Security Affairs
1 month ago
Bouygues Telecom suffered a cyberattack that compromised the personal information of 6.4 million customers. French telecommunications company Bouygues Telecom suffered a cyberattack that resulted in the compromise of personal information of 6.4 million customers. Bouygues Telecom, part of the Bouygues industrial group, is one of France’s leading telecom providers, offering mobile, internet, and IPTV services. […]
Pierluigi Paganini

Managed ad