Aggregator

A vulnerability classified as critical was found in Mozilla Firefox up to 127.x. Affected by this vulnerability is an unknown functionality. The manipulation leads to memory corruption. This vulnerability is known as CVE-2024-6604. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

The Babuk ransomware group has recently claimed responsibility for a sophisticated cyberattack on Orange, a leading global telecommunications company. According to an exclusive interview with SuspectFile.com, Babuk exploited a zero-day vulnerability in Orange’s systems to gain initial access to the company’s network. This vulnerability allowed them to exfiltrate sensitive data, which was later sold to […]

The post Babuk Ransomware Group Claims Attack on Telecommunication Firm Orange appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

New NCSC guidance sets out a three-phase migration to post-quantum cryptography, designed to ensure all systems are protected from quantum attacks by 2035

A vulnerability was found in IBM AIX 7.2/7.3. It has been classified as very critical. Affected is an unknown function of the component Nimesis NIM Master Service. The manipulation leads to process control. This vulnerability is traded as CVE-2024-56346. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in IBM AIX 7.2/7.3. It has been declared as very critical. Affected by this vulnerability is an unknown functionality of the component SSL TLS Protection Mechanism. The manipulation leads to process control. This vulnerability is known as CVE-2024-56347. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical vulnerability found in Edimax IC-7100 IP cameras. The alert centers on an OS command injection vulnerability due to improper input sanitization, which allows malicious actors to send specially crafted requests and achieve remote code execution on affected devices. This severe […]

The post CISA Alerts on Edimax IP Camera OS Command Injection Exploit appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

六国政府疑似使用以色列Paragon的Graphite间谍软件，窃取即时通讯数据。

Currently trending CVE - Hype Score: 1 - Edimax IC-7100 does not properly neutralize requests. An attacker can create specially crafted requests to achieve remote code execution on the device

The Chinese Advanced Persistent Threat (APT) group known as Salt Typhoon, also referred to as FamousSparrow, GhostEmperor, Earth Estries, and UNC2286, has been actively targeting critical sectors worldwide. This group has been particularly focused on telecommunications and government entities across the United States, the Asia-Pacific region, the Middle East, and South Africa since at least […]

The post Chinese “Salt Typhoon” Hackers Exploit Exchange Vulnerabilities to Target Organizations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity Relies on Visualization Raw data often tells a story that’s hidden in plain sight. No matter how accurate or comprehensive, numbers on a spreadsheet can easily blur into an incomprehensible haze when patterns and anomalies are buried deep within thousands or millions of rows.  The human brain processes visuals 60,000 times faster than text, […]

The post How Data Visualization Helps Prevent Cyber Attacks appeared first on Centraleyes.

The post How Data Visualization Helps Prevent Cyber Attacks appeared first on Security Boulevard.

Каждое второе зараженное устройство под контролем одного инфостилера.

A vulnerability has been found in Keware Technologies Homeseer 1.4 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component URL Handler. The manipulation leads to path traversal. This vulnerability is known as CVE-2001-0037. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in BoldGrid Post and Page Builder Plugin up to 1.27.6 on WordPress. Affected by this issue is the function template_via_url. The manipulation leads to path traversal. This vulnerability is handled as CVE-2025-0859. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in RealMag777 Bear Plugin up to 1.1.4.4 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-26775. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Bosscomm IF740 11001.7078/11001.0000. This issue affects some unknown processing. The manipulation leads to channel accessible by non-endpoint. The identification of this vulnerability is CVE-2025-25728. The attack may be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Bosscomm IF740 11001.7078/11001.0000. Affected by this issue is some unknown functionality. The manipulation leads to missing encryption of sensitive data. This vulnerability is handled as CVE-2025-25727. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability has been found in NAKIVO Backup & Replication Director and classified as problematic. This vulnerability affects unknown code of the file /c/router. The manipulation leads to absolute path traversal. This vulnerability was named CVE-2024-48248. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in eteubert Podlove Podcast Publisher Plugin up to 4.2.2 on WordPress. It has been rated as problematic. Affected by this issue is the function ajax_transcript_delete. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2025-1383. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in Django up to 4.2.19/5.0.12/5.1.6. Affected by this vulnerability is the function django.utils.text.wrap of the component Template Filter Handler. The manipulation leads to denial of service. This vulnerability is known as CVE-2025-26699. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in realmag777 HUSKY Plugin up to 1.3.6.5 on WordPress and classified as critical. Affected by this issue is the function woof_text_search. The manipulation of the argument template leads to path traversal. This vulnerability is handled as CVE-2025-1661. The attack may be launched remotely. There is no exploit available.