Aggregator

Fake Google Play Store Websites Deliver Potent RAT to Steal Sensitive Data

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
1 week 3 days ago

Cybersecurity researchers have uncovered a persistent campaign deploying the AndroidOS SpyNote malware, a sophisticated Remote Access Trojan (RAT) designed for surveillance, data exfiltration, and remote device control. This operation mimics legitimate Google Play Store pages for popular Android apps, tricking users into downloading malicious APK files. The campaign, linked to the same threat actor previously […]

The post Fake Google Play Store Websites Deliver Potent RAT to Steal Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

Chinese APT Hackers Using Proxy and VPN Service to Anonymize Infrastructure

Cyber Security News
1 week 3 days ago

In recent months, cybersecurity researchers have observed a surge in targeted campaigns by a sophisticated Chinese APT group leveraging commercial proxy and VPN services to mask their attack infrastructure. The emergence of this tactic coincides with a broader shift toward commoditized anonymization platforms that blend threat actor traffic with legitimate user activity. Initial compromise vectors […]

The post Chinese APT Hackers Using Proxy and VPN Service to Anonymize Infrastructure appeared first on Cyber Security News.

Tushar Subhra Dutta

CVE-2025-56215 | PHPGurukul Hospital Management System 4.0 contact.php pagetitle sql injection

VulDB Recent Entries
1 week 3 days ago
A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been rated as critical. The affected element is an unknown function of the file contact.php. This manipulation of the argument pagetitle causes sql injection. The identification of this vulnerability is CVE-2025-56215. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2025-50900 | Rebuild 4.0.4 com.rebuild.web.RebuildWebinterceptor/ preHandle access control

VulDB Recent Entries
1 week 3 days ago
A vulnerability was found in Rebuild 4.0.4. It has been classified as critical. This issue affects the function preHandle of the component com.rebuild.web.RebuildWebinterceptor/. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2025-50900. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com

CVE-2025-56212 | PHPGurukul Hospital Management System 4.0 add-doctor.php docname sql injection

VulDB Recent Entries
1 week 3 days ago
A vulnerability was found in PHPGurukul Hospital Management System 4.0 and classified as critical. This vulnerability affects unknown code of the file add-doctor.php. Executing manipulation of the argument docname can lead to sql injection. This vulnerability is handled as CVE-2025-56212. The attack can be executed remotely. There is not any exploit available.
vuldb.com

CVE-2025-5302 | run-llama llama_index up to 0.12.37 JSONReader recursion

VulDB Recent Entries
1 week 3 days ago
A vulnerability has been found in run-llama llama_index up to 0.12.37 and classified as problematic. This affects an unknown part of the component JSONReader. Performing manipulation results in uncontrolled recursion. This vulnerability is known as CVE-2025-5302. Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.
vuldb.com

CVE-2025-9476 | SourceCodester Human Resource Information System 1.0 editemployee_process.php employee_file201 unrestricted upload

VulDB Recent Entries
1 week 3 days ago
A vulnerability, which was classified as critical, was found in SourceCodester Human Resource Information System 1.0. Affected by this issue is some unknown functionality of the file /Superadmin_Dashboard/process/editemployee_process.php. Such manipulation of the argument employee_file201 leads to unrestricted upload. This vulnerability is traded as CVE-2025-9476. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-9475 | SourceCodester Human Resource Information System 1.0 editemployee_process.php employee_file201 unrestricted upload

VulDB Recent Entries
1 week 3 days ago
A vulnerability, which was classified as critical, has been found in SourceCodester Human Resource Information System 1.0. Affected by this vulnerability is an unknown functionality of the file /Admin_Dashboard/process/editemployee_process.php. This manipulation of the argument employee_file201 causes unrestricted upload. This vulnerability appears as CVE-2025-9475. The attack may be initiated remotely. In addition, an exploit is available.
vuldb.com

Managed ad