Aggregator

A vulnerability classified as problematic was found in Premium Addons for Elementor Plugin up to 4.10.35 on WordPress. Affected by this vulnerability is an unknown functionality of the component Countdown Widget. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-6340. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Plus Addons for Elementor Plugin up to 5.6.1 on WordPress. Affected by this issue is some unknown functionality of the component Countdown Widget. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-4482. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in WP Lightbox 2 up to 3.0.6.6 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-6263. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Himer Theme up to 2.1.0 on WordPress. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2024-2233. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Himer Theme up to 2.1.0 on WordPress. Affected is an unknown function. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2024-2235. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Приложение описывает мир вокруг, не выходя в интернет.

Caido, the innovative security testing tool positioning itself as a compelling alternative to Burp Suite, has just rolled out its latest update, version 0.47.0. This release introduces a slew of exciting features, a revamped user experience, and critical bug fixes, further solidifying its place in the toolkit of security researchers and penetration testers. One of […]

The post Caido v0.47.0 Released – Burp Suite Alternative Web Pentesting Tool Brings New Features appeared first on Cyber Security News.

Here’s a look at the most interesting products from the past week, featuring releases from 1Kosmos, Cloudflare, Cytex, Keysight Technologies, and TXOne Networks. Keysight AI Insight Brokers accelerates threat detection and response Keysight Technologies announces the expansion of its Keysight Vision Network Packet Brokers (NPBs), with the introduction of AI Insight Brokers. By applying AI earlier in the performance and security monitoring process, the new solution offers customers enhanced protection, and the ability to troubleshoot … More →

The post New infosec products of the week: March 21, 2025 appeared first on Help Net Security.

Name: DC509 CTF 2025 (an DC509 CTF event.)
Date: March 21, 2025, midnight — 21 March 2025, 02:30 UTC  [add to calendar]
Format: Jeopardy
On-line
Location: Spokane, WA
Offical URL: https://dc509.com/
Rating weight: 0.00
Event organizers: dc509

Major Competitive, Regulatory, Economic and Technological Changes Fueled This Deal
The fact a $32 billion acquisition agreement between Google and Wiz was reached speaks to major changes that have occurred in the market around the competitive landscape, the regulatory environment, the macroeconomic environment, customer buying behavior, and the technology itself.

Norwegian Man Tells OpenAI: I Didn't Kill My Children
A Norwegian man is peeved that a chatbot hallucinated a violent backstory for his life after seeing that ChatGPT apparently believes he's a child killer spending decades inside prison. "The fact that someone could read this output and believe it is true is what scares me the most," he said.

Health ISAC, AHA Bulletin Urges Entities to Bolster Physical, Cyber, Preparedness
Threats transmitted on social media intimating coordinated terrorist attacks on hospitals in mid-tier U.S. cities have industry authorities warning the healthcare sector to shore up physical and cyber security, as well as emergency management response plans.

Experts Weigh the Advantages and Risks of Generative Adversarial Networks
With traditional rule-based fraud detection systems and even conventional machine learning models struggling to identify these highly deceptive fraud patterns, financial institutions are exploring generative adversarial networks to enhance fraud detection.

Executive Order Shifts Cyber Responsibilities to States, Sparking Security Concerns
The White House is shifting cybersecurity risk management from the federal government to states and local agencies, marking a pivot in how Washington supports the protection of elections and critical infrastructure. Many states lack their own national security and cyberthreat intelligence centers.

A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2025-03-21, 62 days ago. The vendor is given until 2025-07-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2025-03-21, 62 days ago. The vendor is given until 2025-07-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2025-03-21, 68 days ago. The vendor is given until 2025-07-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2025-03-21, 68 days ago. The vendor is given until 2025-07-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2025-03-21, 68 days ago. The vendor is given until 2025-07-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2025-03-21, 68 days ago. The vendor is given until 2025-07-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.