Aggregator

Опубликован список системных инструментов, которые хакеры любят больше всего.

A vulnerability labeled as critical has been found in Soar Cloud System HRD Human Resource Management System up to 7.3.2025.0408. Affected by this issue is some unknown functionality. Executing a manipulation can lead to unrestricted upload. This vulnerability is handled as CVE-2025-48782. The attack can be executed remotely. There is not any exploit available.

A vulnerability marked as critical has been reported in Soar Cloud System HRD Human Resource Management System up to 7.3.2025.0408. This affects an unknown part. The manipulation leads to file inclusion. This vulnerability is uniquely identified as CVE-2025-48783. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability described as problematic has been identified in Soar Cloud System HRD Human Resource Management System up to 7.3.2025.0408. This vulnerability affects unknown code of the component Setting Handler. The manipulation results in missing authorization. This vulnerability was named CVE-2025-48784. The attack may be performed from remote. There is no available exploit.

A vulnerability classified as very critical has been found in Soar Cloud System HRD Human Resource Management System up to 7.3.2025.0408. This issue affects some unknown processing. This manipulation causes deserialization. The identification of this vulnerability is CVE-2025-48780. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as critical was found in Soar Cloud System HRD Human Resource Management System up to 7.3.2025.0408. Impacted is an unknown function. Such manipulation leads to missing authentication. This vulnerability is referenced as CVE-2025-5192. It is possible to launch the attack remotely. No exploit is available.

A vulnerability identified as problematic has been detected in Soar Cloud System HRD Human Resource Management System up to 7.3.2025.0408. Affected by this vulnerability is an unknown functionality. Performing a manipulation results in file inclusion. This vulnerability is known as CVE-2025-48781. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability was found in Fortinet FortiDeceptor up to 5.3.0. It has been rated as problematic. Affected by this vulnerability is an unknown functionality. This manipulation causes cross site scripting. This vulnerability is tracked as CVE-2024-35280. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability categorized as critical has been discovered in Fortinet FortiDeceptor up to 5.0.0/5.1.0/5.2.1/5.3.3/6.0.0. Affected by this vulnerability is an unknown functionality of the component Request Handler. Executing a manipulation can lead to improper access controls. The identification of this vulnerability is CVE-2024-45326. The attack may be launched remotely. There is no exploit available.

ConnectSecure announced the launch of a new cross-platform Linux operating system patching capability. The update eliminates the complexity of managing fragmented Linux environments by delivering a single, unified interface for deploying critical security updates across the four most widely used Linux distributions: Red Hat, Ubuntu, Debian, and CentOS. The new capability helps MSPs and security teams automate the identification and deployment of kernel and OS patches without requiring distribution-specific tools. As a result, organizations can … More →

The post ConnectSecure introduces Linux patching capability to simplify cross-distro updates appeared first on Help Net Security.

Leaked non-human identities like API keys and tokens are becoming a major breach driver in cloud environments. Flare shows how exposed machine credentials quietly grant attackers long-term access to enterprise systems. [...]

Nederlandse militairen die deel uitmaken van de Multinational Battlegroup in Litouwen (MNBG LTU), staan sinds vandaag onder het bevel van 45. Pantserbrigade uit Duitsland. Dat gebeurde symbolisch door de overdracht van een NAVO-vlag in het ijskoude en zonnige Kaunas. De commandowisseling werd vanochtend gevierd met een grote militaire parade.

The developers of Notepad++ disclosed a critical security breach on February 2, 2026, affecting their update infrastructure. The popular text editor, widely used by developers worldwide, became the target of a sophisticated supply chain attack that remained undetected for several months. According to the official statement, attackers gained unauthorized access through a hosting provider-level incident […]

The post Supply Chain Attack Abused Notepad++ Update Infrastructure to Deliver Targeted Malware appeared first on Cyber Security News.

ShadowSyndicate cluster expands with new SSH fingerprints connecting servers to other ransomware ops

A new spy campaign by Mustang Panda uses fake US diplomatic briefings to target government officials. Discover how this silent surveillance operation works.

GreyNoise spotted a dual-mode Citrix Gateway recon campaign using 63K+ residential proxies and AWS to find login panels and enumerate versions. Between Jan 28 and Feb 2, 2026, GreyNoise tracked a coordinated reconnaissance campaign targeting Citrix ADC and NetScaler Gateways. Attackers used over 63,000 residential proxies to discover login panels, then switched to AWS infrastructure […]

俄罗斯安全公司卡巴斯基发表了 Notepad++ 去年遭受供应链攻击的分析报告。安全研究人员发现，攻击者在 2025 年 7-10 月之间使用了三条感染链攻击十几台电脑，这些电脑属于：越南、萨尔瓦多和澳大利亚的个人；菲律宾的一家政府机构；萨尔瓦多的一家金融机构；越南的一家 IT 服务提供商。攻击者在 2025 年 7 月下旬首次部署了 Notepad++ 的恶意更新程序。恶意程序由合法的 Notepad++ 更新程序 GUP.exe 启动，启动之后会向攻击者发送包含系统信息的“心跳（heartbeat）”包，随后开始执行第二阶段的负荷。

Submit #742676 / VDB-344270

Submit #742671 / VDB-344269

Submit #742670 / VDB-344268