[webapps] Anchor CMS 0.12.7 - Stored Cross Site Scripting (XSS)
Anchor CMS 0.12.7 - Stored Cross Site Scripting (XSS)
Aggregator
[webapps] Zohocorp ManageEngine ADManager Plus 7210 - Elevation of Privilege
4 months 2 weeks ago
Zohocorp ManageEngine ADManager Plus 7210 - Elevation of Privilege
[webapps] Apache HugeGraph Server 1.2.0 - Remote Code Execution (RCE)
4 months 2 weeks ago
Apache HugeGraph Server 1.2.0 - Remote Code Execution (RCE)
[webapps] ResidenceCMS 2.10.1 - Stored Cross-Site Scripting (XSS)
4 months 2 weeks ago
ResidenceCMS 2.10.1 - Stored Cross-Site Scripting (XSS)
[webapps] Intelight X-1L Traffic controller Maxtime 1.9.6 - Remote Code Execution (RCE)
4 months 2 weeks ago
Intelight X-1L Traffic controller Maxtime 1.9.6 - Remote Code Execution (RCE)
[webapps] ChurchCRM 5.9.1 - SQL Injection
4 months 2 weeks ago
ChurchCRM 5.9.1 - SQL Injection
[webapps] PZ Frontend Manager WordPress Plugin 1.0.5 - Cross Site Request Forgery (CSRF)
4 months 2 weeks ago
PZ Frontend Manager WordPress Plugin 1.0.5 - Cross Site Request Forgery (CSRF)
揭秘:打造一套完整的勒索病毒自动化采集分析系统
4 months 2 weeks ago
实现对新型勒索病毒的快速响应。
我用NodeJS+electron自研了个C2和木马并绕过了360+火绒内存扫描(附源码)
4 months 2 weeks ago
NodeJs可以写后端、electron又可以打包成exe,还可以通过主进程命令执行,那么不就可以自研一个C2了吗
Lynx
4 months 2 weeks ago
cohenido
Daily Dose of Dark Web Informer - 8th of April 2025
4 months 2 weeks ago
This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
Dark Web Informer - Cyber Threat Intelligence
Lawsuit: Hospital Pharmacist Spied on Coworkers for a Decade
4 months 2 weeks ago
University of Maryland Medical Center Said FBI Is Also Investigating Case
An academic medical center is facing a class action lawsuit alleging one of its pharmacists installed keylogging software on 400 computers over a decade to spy on the personal lives and intimate moments of coworkers. The pharmacist is also facing a criminal investigation, the hospital said.
An academic medical center is facing a class action lawsuit alleging one of its pharmacists installed keylogging software on 400 computers over a decade to spy on the personal lives and intimate moments of coworkers. The pharmacist is also facing a criminal investigation, the hospital said.
Russian APT Hacker Observed Deploying Unusual RDP Tactics
4 months 2 weeks ago
Espionage Campaign Mainly Targeted European Organizations
A Russian nation-state threat actor exploited "lesser known" features of Microsoft Windows remote desktop protocol to target European organizations for espionage. Hackers used RDP to deploy a malicious application and access data from victims.
A Russian nation-state threat actor exploited "lesser known" features of Microsoft Windows remote desktop protocol to target European organizations for espionage. Hackers used RDP to deploy a malicious application and access data from victims.
US Risks Losing 'AI Cold War' as China Surges Ahead
4 months 2 weeks ago
AI Leaders Call for Proactive US Response Amid Chinese Technology Breakthroughs
The United States risks losing the so-called "AI Cold War" against China unless it abandons traditional containment strategies and adapts to Beijing's advances, panelists told lawmakers Tuesday. "I'm as stunned as all of you about just how fast China has caught up," said Adam Thierer.
The United States risks losing the so-called "AI Cold War" against China unless it abandons traditional containment strategies and adapts to Beijing's advances, panelists told lawmakers Tuesday. "I'm as stunned as all of you about just how fast China has caught up," said Adam Thierer.
Tailscale Raises $160M to Scale AI and Enterprise Use
4 months 2 weeks ago
Zero Trust Network Access Firm Plans to Enhance Platform and Grow Revenue Faster
Tailscale has landed $160 million in Series C funding to scale its platform and meet growing demand from AI and enterprise firms. The networking company will invest in engineering to support multi-cloud and identity-based networking features.
Tailscale has landed $160 million in Series C funding to scale its platform and meet growing demand from AI and enterprise firms. The networking company will invest in engineering to support multi-cloud and identity-based networking features.
Threat Attack Daily - 8th of April 2025
4 months 2 weeks ago
Threat Attack Daily - 8th of April 2025
Dark Web Informer - Cyber Threat Intelligence
Ransomware Attack Update for the 8th of April 2025
4 months 2 weeks ago
Ransomware Attack Update for the 8th of April 2025
Dark Web Informer - Cyber Threat Intelligence
Microsoft Drops Another Massive Patch Update
4 months 2 weeks ago
A threat actor has already exploited one of the flaws in a ransomware campaign with victims in the US and other countries.
Jai Vijayan, Contributing Writer
CVE-2025-32198 | themefusecom Brizy Plugin up to 2.6.14 on WordPress cross site scripting
4 months 2 weeks ago
A vulnerability was found in themefusecom Brizy Plugin up to 2.6.14 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2025-32198. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-3100 | WP Project Manager Plugin up to 2.6.22 on WordPress SVG File Upload cross site scripting
4 months 2 weeks ago
A vulnerability was found in WP Project Manager Plugin up to 2.6.22 on WordPress and classified as problematic. Affected by this issue is some unknown functionality of the component SVG File Upload Handler. The manipulation leads to cross site scripting.
This vulnerability is handled as CVE-2025-3100. The attack may be launched remotely. There is no exploit available.
vuldb.com