Aggregator

CVE-2024-31914 | IBM Sterling B2B Integrator Standard Edition up to 6.1.2.5/6.2.0.2 Web UI cross site scripting

3 months 4 weeks ago

A vulnerability classified as problematic has been found in IBM Sterling B2B Integrator Standard Edition up to 6.1.2.5/6.2.0.2. The impacted element is an unknown function of the component Web UI. This manipulation causes cross site scripting. This vulnerability is registered as CVE-2024-31914. Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-56056 | kmfoysal06 SimpleCharm Plugin up to 1.4.3 on WordPress cross site scripting (EUVD-2024-52954)

Vuldb Updates

3 months 4 weeks ago

A vulnerability was found in kmfoysal06 SimpleCharm Plugin up to 1.4.3 on WordPress and classified as problematic. The affected element is an unknown function. Executing manipulation can lead to cross site scripting. This vulnerability is registered as CVE-2024-56056. It is possible to launch the attack remotely. No exploit is available.

vuldb.com

U.S. Treasury Sanctions DPRK IT-Worker Scheme, Exposing $600K Crypto Transfers and $1M+ Profits

The Hackers News

3 months 4 weeks ago

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) announced a fresh round of sanctions against two individuals and two entities for their role in the North Korean remote information technology (IT) worker scheme to generate illicit revenue for the regime's weapons of mass destruction and ballistic missile programs. "The North Korean regime continues to target American

The Hacker News

U.S. Treasury Sanctions DPRK IT-Worker Scheme, Exposing $600K Crypto Transfers and $1M+ Profits

不安全

3 months 4 weeks ago

美国财政部宣布对两名个人和两家实体实施制裁,因其参与朝鲜远程IT工人计划,通过数据盗窃和勒索为朝鲜的武器项目筹集资金。制裁对象包括俄罗斯籍的Andreyev、朝鲜官员Kim Ung Sun,以及中国公司Shenyang Geumpungri和Sinjin Trading Corporation。该计划利用AI伪造专业背景,将朝鲜IT人员嵌入合法企业,窃取敏感数据并进行勒索。