Aggregator

9th June – Threat Intelligence Report

Check Point Research
8 months 3 weeks ago

For the latest discoveries in cyber research for the week of 9th June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES American tax company, Optima Tax Relief, has disclosed a ransomware attack that resulted in the theft of 69GB of sensitive data, including corporate records and customer case files containing personal information such […]

The post 9th June – Threat Intelligence Report appeared first on Check Point Research.

lorenf

New Mirai botnet targets TBK DVRs by exploiting CVE-2024-3721

Security Affairs
8 months 3 weeks ago
A new variant of the Mirai botnet exploits CVE-2024-3721 to target DVR systems, using a new infection method. Researchers from Russian cybersecurity firm Kaspersky discovered a new variant of the Mirai botnet that exploits a command injection vulnerability (CVE-2024-3721) in TBK DVR-4104 and DVR-4216 digital video recording devices. During a review of the logs in […]
Pierluigi Paganini

CVE-2025-3582 | Newsletter Plugin up to 8.84 on WordPress Form Setting cross site scripting (EUVD-2025-17434)

Vuldb Updates
8 months 3 weeks ago
A vulnerability has been found in Newsletter Plugin up to 8.84 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Form Setting Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-3582. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2018-12071 | CodeIgniter up to 3.1.8 Session Library session fixiation (EUVD-2022-3879)

Vuldb Updates
8 months 3 weeks ago
A vulnerability was found in CodeIgniter up to 3.1.8. It has been rated as critical. This issue affects some unknown processing of the component Session Library. The manipulation leads to session fixiation. The identification of this vulnerability is CVE-2018-12071. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-5863 | Tenda AC5 15.03.06.47 /goform/SetRebootTimer formSetRebootTimer rebootTime stack-based overflow (EUVD-2025-17437)

Vuldb Updates
8 months 3 weeks ago
A vulnerability was found in Tenda AC5 15.03.06.47. It has been classified as critical. Affected is the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument rebootTime leads to stack-based buffer overflow. This vulnerability is traded as CVE-2025-5863. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-5865 | RT-Thread 5.1.0 Parameter lwp_syscall.c sys_select timeout memory corruption (Issue 10298 / EUVD-2025-17440)

Vuldb Updates
8 months 3 weeks ago
A vulnerability was found in RT-Thread 5.1.0. It has been rated as critical. Affected by this issue is the function sys_select of the file rt-thread/components/lwp/lwp_syscall.c of the component Parameter Handler. The manipulation of the argument timeout leads to memory corruption. This vulnerability is handled as CVE-2025-5865. Access to the local network is required for this attack. There is no exploit available. The vendor explains, that "[t]he timeout parameter should be checked to check if it can be accessed correctly in kernel mode and used temporarily in kernel memory."
vuldb.com

CVE-2024-9407 | Red Hat Enterprise Linux/OpenShift Container Platform Bind-propagation Option mount input validation (EUVD-2024-3036 / Nessus ID 209515)

Vuldb Updates
8 months 3 weeks ago
A vulnerability was found in Red Hat Enterprise Linux and OpenShift Container Platform. It has been rated as problematic. This issue affects some unknown processing of the component Bind-propagation Option. The manipulation of the argument mount leads to improper input validation. The identification of this vulnerability is CVE-2024-9407. Local access is required to approach this attack. There is no exploit available.
vuldb.com

CVE-2025-5893 | Honding Smart Parking Management System up to 1.4 exposure of sensitive system information to an unauthorized control sphere (EUVD-2025-17439)

Vuldb Updates
8 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in Honding Smart Parking Management System up to 1.4. Affected by this issue is some unknown functionality. The manipulation leads to exposure of sensitive system information to an unauthorized control sphere. This vulnerability is handled as CVE-2025-5893. The attack may be launched remotely. There is no exploit available.
vuldb.com

CVE-2025-5866 | RT-Thread 5.1.0 lwp_syscall.c sys_sigprocmask how array index (Issue 10300 / EUVD-2025-17438)

Vuldb Updates
8 months 3 weeks ago
A vulnerability classified as critical has been found in RT-Thread 5.1.0. This affects the function sys_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validation of array index. This vulnerability is uniquely identified as CVE-2025-5866. Access to the local network is required for this attack to succeed. There is no exploit available.
vuldb.com

Malicious npm Utility Packages Enable Attackers to Wipe Production Systems

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
8 months 3 weeks ago

Socket’s Threat Research Team has uncovered two malicious npm packages, express-api-sync and system-health-sync-api, designed to masquerade as legitimate utilities while embedding destructive backdoors capable of annihilating production systems. Published under the npm alias “botsailer” with the associated email anupm019@gmail[.]com, these packages represent a shift from traditional data theft to outright sabotage. New Wave of Sabotage […]

The post Malicious npm Utility Packages Enable Attackers to Wipe Production Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

Weekly Update 455

Troy Hunt
8 months 3 weeks ago

The bot-fighting is a non-stop battle. In this week's video, I discuss how we're tweaking Cloudflare Turnstile and combining more attributes around how bot-like requests are, and... it almost worked. Just as I was preparing to write this intro, I found a small spike of anomalous

Troy Hunt

CVE-2024-26342 | Asus AC68U 3.0.0.4.384.82230 Network Packet usr/sbin/httpd null pointer dereference (EUVD-2024-23611)

Vuldb Updates
8 months 3 weeks ago
A vulnerability has been found in Asus AC68U 3.0.0.4.384.82230 and classified as critical. Affected by this vulnerability is an unknown functionality of the file usr/sbin/httpd of the component Network Packet Handler. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-26342. The attack can be launched remotely. There is no exploit available.
vuldb.com

CVE-2024-26314 | Mitsubishi Electric CPU Module Logging Configuration Tool privileges management (icsa-24-135-04 / EUVD-2024-23584)

Vuldb Updates
8 months 3 weeks ago
A vulnerability has been found in Mitsubishi Electric CPU Module Logging Configuration Tool, CSGL, CW Configurator, Data Transfer, Data Transfer Classic, EZSocket, FR Configurator SW3, FR Configurator2, GENESIS64, GT Designer3, GT SoftGOT1000, GT SoftGOT2000, GX Developer, GX LogViewer, GX Works2, GX Works3, iQ Works, MI Configurator, Numerical Control Device Communication Software, MR Configurator, MR Configurator2, MRZJW3-MC2-UTL, MX Component, MX OPC Server DA UA, PX Developer Monitor Tool, RT ToolBox3, RT VisualBox, Monitoring tools for the C Controller Module, SW0DNC-MNETH-B, SW1DNC-CCBD2-B, SW1DNC-CCIEF-J, SW1DNC-CCIEF-B, SW1DNC-MNETG-B, SW1DNC-QSCCF-B and SW1DND-EMSDK-B and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper privilege management. This vulnerability is known as CVE-2024-26314. An attack has to be approached locally. There is no exploit available.
vuldb.com

Managed ad