Aggregator

How To Block Apps On Any Device [2025 Guide]

Security Boulevard
7 months 2 weeks ago

In school environments, blocking apps is necessary. Not only to keep students productive and engaged in the classroom, but also to ensure safety. Certain apps simply take a student’s focus; others expose them to inappropriate content and security risks. Fortunately, it’s easy for school IT administrators to not only block apps but to gain full ...

The post How To Block Apps On Any Device [2025 Guide] appeared first on ManagedMethods Cybersecurity, Safety & Compliance for K-12.

The post How To Block Apps On Any Device [2025 Guide] appeared first on Security Boulevard.

Alexa Sander

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

Security Affairs
7 months 2 weeks ago
British national Kai West, aka IntelBroker, was charged in U.S. for a global hacking scheme that stole and sold data, causing millions in damages. Kai West (25), a British national, has been charged in the U.S. for operating as ‘IntelBroker,’ running a global hacking scheme that stole and sold data, causing millions in damages. The […]
Pierluigi Paganini

Play

Dark Feed IO
7 months 2 weeks ago

You must login to view this content

cohenido

nOAuth Exploit Enables Full Account Takeover of Entra Cross-Tenant SaaS Applications

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
7 months 2 weeks ago

A severe security flaw, dubbed nOAuth, has been identified in certain software-as-a-service (SaaS) applications integrated with Microsoft Entra ID, potentially allowing attackers to achieve full account takeover across tenant boundaries. Research conducted by Semperis, disclosed on June 26, 2025, revealed that 9 out of 104 tested applications approximately 9% within the Microsoft Entra App Gallery […]

The post nOAuth Exploit Enables Full Account Takeover of Entra Cross-Tenant SaaS Applications appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

Researchers Weaponize and Obfuscate .NET Assemblies Using MacroPack

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
7 months 2 weeks ago

Researchers at BallisKit have introduced a sophisticated scenario within their MacroPack Pro tool to obfuscate and weaponize .NET assemblies, significantly enhancing their stealth against modern security solutions. As .NET has become a preferred language for crafting prominent offensive tools like Rubeus, SeatBelt, SharpDPAPI, and Certify over recent years, its widespread use has also drawn the […]

The post Researchers Weaponize and Obfuscate .NET Assemblies Using MacroPack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

CVE-2020-21682 | fig2dev 3.2.7b xfig File genge.c set_fill buffer overflow (Nessus ID 240492)

Vuldb Updates
7 months 2 weeks ago
A vulnerability has been found in fig2dev 3.2.7b and classified as problematic. Affected by this vulnerability is the function set_fill of the file genge.c of the component xfig File Handler. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2020-21682. The attack can only be initiated within the local network. There is no exploit available.
vuldb.com

CVE-2020-21683 | fig2dev 3.2.7b xfig File genpstricks.c shade_or_tint_name_after_declare_color buffer overflow (Nessus ID 240492)

Vuldb Updates
7 months 2 weeks ago
A vulnerability was found in fig2dev 3.2.7b and classified as problematic. Affected by this issue is the function shade_or_tint_name_after_declare_color of the file genpstricks.c of the component xfig File Handler. The manipulation leads to buffer overflow. This vulnerability is handled as CVE-2020-21683. The attack needs to be done within the local network. There is no exploit available.
vuldb.com

CVE-2020-21680 | fig2dev 3.2.7b pict2e File genpict2e.c put_arrow stack-based overflow (Nessus ID 240492)

Vuldb Updates
7 months 2 weeks ago
A vulnerability, which was classified as problematic, has been found in fig2dev 3.2.7b. This issue affects the function put_arrow of the file genpict2e.c of the component pict2e File Handler. The manipulation leads to stack-based buffer overflow. The identification of this vulnerability is CVE-2020-21680. The attack needs to be approached within the local network. There is no exploit available.
vuldb.com

CVE-2024-39312 | randombit botan up to 2.19.4/3.4.x x.509 Certificate certificate validation (Nessus ID 240496)

Vuldb Updates
7 months 2 weeks ago
A vulnerability, which was classified as problematic, has been found in randombit botan up to 2.19.4/3.4.x. Affected by this issue is some unknown functionality of the component x.509 Certificate Handler. The manipulation leads to improper certificate validation. This vulnerability is handled as CVE-2024-39312. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2021-28170 | Oracle WebLogic Server 14.1.1.0.0 Centralized Third Party Jars input validation (Nessus ID 240506)

Vuldb Updates
7 months 2 weeks ago
A vulnerability was found in Oracle WebLogic Server 14.1.1.0.0. It has been rated as critical. Affected by this issue is some unknown functionality of the component Centralized Third Party Jars. The manipulation leads to improper input validation. This vulnerability is handled as CVE-2021-28170. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-31698 | Apache Traffic Server up to 9.2.10/10.0.5 Proxy Protocol access control (Nessus ID 240505)

Vuldb Updates
7 months 2 weeks ago
A vulnerability was found in Apache Traffic Server up to 9.2.10/10.0.5. It has been classified as critical. Affected is an unknown function of the component Proxy Protocol Handler. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2025-31698. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-49763 | Apache Traffic Server up to 9.2.10/10.0.5 ESI Plugin memory allocation (Nessus ID 240505)

Vuldb Updates
7 months 2 weeks ago
A vulnerability was found in Apache Traffic Server up to 9.2.10/10.0.5. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component ESI Plugin. The manipulation leads to uncontrolled memory allocation. This vulnerability is known as CVE-2025-49763. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2021-28170 | Oracle Communications Cloud Native Core Policy 1.14.0 input validation (Nessus ID 240506)

Vuldb Updates
7 months 2 weeks ago
A vulnerability, which was classified as critical, was found in Oracle Communications Cloud Native Core Policy 1.14.0. Affected is an unknown function of the component Policy. The manipulation leads to improper input validation. This vulnerability is traded as CVE-2021-28170. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

走近 DMA — 三角洲里的天才少年

不安全
7 months 2 weeks ago
DMA是一位在三角洲成长的天才少年,在编程与网络安全领域展现出非凡才能。他通过自学掌握多种编程语言,并参与开发开源项目。DMA不仅在技术上表现出色,在团队合作与创新思维方面也表现出色。他的故事激励了许多对科技感兴趣的青少年追求自己的梦想。

CVE-2025-29331 | MHSanaei 3x-ui up to 2.5.3 wget certificate validation (EUVD-2025-19195)

Vuldb Updates
7 months 2 weeks ago
A vulnerability classified as problematic was found in MHSanaei 3x-ui up to 2.5.3. This vulnerability affects unknown code of the component wget Handler. The manipulation leads to improper certificate validation. This vulnerability was named CVE-2025-29331. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

Managed ad