Aggregator

A vulnerability classified as problematic has been found in SiteOrigin Widgets Bundle Plugin up to 1.61.1 on WordPress. This affects an unknown part of the component Blog Widget. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-5090. It is possible to initiate the attack remotely. There is no exploit available.

The Ukrainian State Railways, known as Ukrzaliznytsia, has experienced a massive disruption to its online services. The railway company issued a statement acknowledging an IT failure, which has temporarily suspended all online operations, impacting ticket sales and other digital services. According to Ukrzaliznytsia’s communication, the shutdown of online services is due to a technical issue, […]

The post Massive Cyberattack Disrupts Ukrainian State Railway’s Online Services appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Rilide, a sophisticated malware, has been masquerading as a legitimate browser extension to steal sensitive information from users of Chromium-based browsers like Google Chrome and Microsoft Edge. First identified in April 2023, this malware is designed to capture screenshots, log passwords, and collect credentials for cryptocurrency wallets. It often disguises itself as a Google Drive […]

The post Rilide Malware Poses as Browser Extension to Steal Login Credentials from Chrome and Edge Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Wiz Security finds four critical RCE vulnerabilities in the Ingress NGINX Controller for Kubernetes

Researchers has discovered a sophisticated malware operation that poses as a fake coding challenge and targets Polish-speaking professionals. This campaign, known as “FizzBuzz to FogDoor,” exploits job seekers by disguising malware as legitimate recruitment tests on GitHub. The attackers use a GitHub repository named “FizzBuzz” to host an ISO file titled “Zadanie rekrutacyjne.iso,” which translates […]

The post Beware Developers – Fake Coding Challenges Will Deploy FogDoor on Your System appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The National Institute of Standards and Technology (NIST) recently issued an update on its efforts to manage the backlog of Common Vulnerabilities and Exposures (CVEs) in the National Vulnerability Database (NVD). While NIST has regained its pre-summer 2024 processing speed for incoming CVEs, a significant increase in submissions has left the organization struggling to keep […]

The post NIST Facing Challenges in Managing CVE Backlog in National Database appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security experts worry the company's Chapter 11 status and aim to sell its assets could allow threat actors to exploit and misuse the genetic information it collected.

Хакеры нашли золотой ключ к сетям компаний Fortune 500.

如何使用大模型提升网络安全生产力

如何使用大模型提升网络安全生产力

如何使用大模型提升网络安全生产力

如何使用大模型提升网络安全生产力

如何使用大模型提升网络安全生产力

如何使用大模型提升网络安全生产力

如何使用大模型提升网络安全生产力

A vulnerability was found in SalesAgility SuiteCRM up to 7.14.3/8.6.0 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to open redirect. This vulnerability is handled as CVE-2024-36406. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in JetBrains IntelliJ IDEA, Aqua, CLion, DataGrip, DataSpell, GoLand, MPS, PhpStorm, PyCharm, Rider, RubyMine, RustRover and WebStorm. Affected by this vulnerability is an unknown functionality of the component Access Token Handler. The manipulation leads to insufficiently protected credentials. This vulnerability is known as CVE-2024-37051. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in BOSSCMS 3.10. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2024-31613. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Emlog Pro 2.3. It has been classified as problematic. Affected is an unknown function of the file twitter.php. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2024-31612. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Apple macOS up to 12.4. This issue affects some unknown processing of the component TIFF File Handler. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2022-32897. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.