Aggregator
MITRE CVE Program Uncertainty: Mend.io’s commitment to uninterrupted vulnerability protection
Mend.io continues to deliver uninterrupted, multi-source vulnerability protection.
The post MITRE CVE Program Uncertainty: Mend.io’s commitment to uninterrupted vulnerability protection appeared first on Security Boulevard.
CVE-2025-43704 | Arctera Veritas Data Insight up to 7.1.1 cleartext transmission
CVE-2025-1704 | Google ChromeOS 124.0.6367.34 on Chromebooks ComponentInstaller state issue
CVE-2025-1566 | Google ChromeOS 129.0.6668.36 DNS Query missing encryption
CVE-2025-2073 | Google ChromeOS 4.19/5.4/5.10/5.15/6.1 Ipset Command ip_set_bitmap_ip.c out-of-bounds
CVE-2025-1568 | Google ChromeOS 131.0.6778.268 Project Configuration project.config code injection
CVE-2025-3487 | Contact Form Forminator Forms Plugin up to 1.42.0 on WordPress limit cross site scripting
CVE-2025-3479 | Contact Form Forminator Forms Plugin up to 1.42.0 on WordPress handle_stripe_single improper authorization
CVE-2025-3453 | Password Protected Plugin up to 2.7.7 on WordPress password_protected_cookie improper authentication
CVE-2025-24909 | Hitachi Vantara Pentaho Business Analytics Server 9.3.0.7/10.1.0.0 Analyzer Plugin Interface cross site scripting
CVE-2025-24911 | Hitachi Vantara Pentaho Business Analytics Server 9.3.0.7/10.1.0.0 XML File xml external entity reference
CVE-2025-24910 | Hitachi Vantara Pentaho Business Analytics Server 9.3.0.7/10.1.0.0 XML File xml external entity reference
CVE-2025-24908 | Hitachi Vantara Pentaho Data Integration & Analytics up to 1.0 UploadFile Service path traversal
CVE-2025-24907 | Hitachi Vantara Pentaho Data Integration & Analytics up to 10.1.0.0 path traversal
CVE-2025-0756 | Hitachi Vantara Pentaho Data Integration & Analytics up to 10.1.0.0 Configuration File resource injection
From PyPI to the Dark Marketplace: How a Malicious Package Fuels the Sale of Telegram Identities
Introduction In today’s digital era, security breaches can occur in the blink of an eye. Telegram Desktop is renowned for its secure, user-friendly messaging interface, but what if the data used to provide seamless experience could also be your greatest problem? Our investigation into three seemingly harmless PyPI color packages revealed a hidden background functionality […]
The post From PyPI to the Dark Marketplace: How a Malicious Package Fuels the Sale of Telegram Identities appeared first on Blog.
The post From PyPI to the Dark Marketplace: How a Malicious Package Fuels the Sale of Telegram Identities appeared first on Security Boulevard.