Aggregator

MathWorks, a leading developer of mathematical simulation and computing software, revealed that a ransomware gang stole the data of over 10,000 people after breaching its network in April. [...]

Creators, Authors and Presenters: Danny Lazarev, Erez Harush

Our deep appreciation to Security BSides - San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s events held at the lauded CityView / AMC Metreon - certainly a venue like no other; and via the organization's YouTube channel.

Additionally, the organization is welcoming volunteers for the BSidesSF Volunteer Force, as well as their Program Team & Operations roles. See their succinct BSidesSF 'Work With Us' page, in which, the appropriate information is to be had!

Permalink

The post BSidesSF 2025: Enhancing Secret Detection In Cybersecurity With Small LMs appeared first on Security Boulevard.

Fake IT support lures are being used to trick employees into installing remote‑access tools via Microsoft Teams

Submit #636370 / VDB-321775

Submit #636369 / VDB-321774

A vulnerability was found in code-projects Student Information Management System 1.0. It has been declared as problematic. The impacted element is an unknown function of the file /login.php. The manipulation of the argument uname results in cross site scripting. This vulnerability was named CVE-2025-9595. The attack may be performed from a remote location. In addition, an exploit is available.

Submit #636365 / VDB-321773

Submit #636364 / VDB-321772

Submit #636363 / VDB-321771

A vulnerability was found in itsourcecode Apartment Management System 1.0. It has been classified as critical. The affected element is an unknown function of the file /report/complain_info.php. The manipulation of the argument vid leads to sql injection. This vulnerability is uniquely identified as CVE-2025-9594. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability was found in itsourcecode Apartment Management System 1.0 and classified as critical. Impacted is an unknown function of the file /report/unit_status_info.php. Executing manipulation of the argument usid can lead to sql injection. This vulnerability is handled as CVE-2025-9593. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability has been found in itsourcecode Apartment Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /report/bill_info.php. Performing manipulation of the argument vid results in sql injection. This vulnerability is known as CVE-2025-9592. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

Farmers Insurance Exchange and its subsidiaries recently disclosed a significant security incident that compromised personal information of approximately 1.1 million customers through an unauthorized access to a third-party vendor’s database. The breach, which occurred on May 29, 2025, represents one of the largest insurance industry data exposures of the year, affecting customer records containing names, […]

The post Farmers Insurance Cyber Attack – 1.1 Million Customers Data Exposed in Salesforce Attack appeared first on Cyber Security News.

Submit #636362 / VDB-321770

Submit #636361 / VDB-320536

A vulnerability, which was classified as problematic, was found in ZrLog up to 3.1.5. This vulnerability affects unknown code of the file /api/admin/template/config of the component Theme Configuration Form. Such manipulation of the argument footerLink leads to cross site scripting. This vulnerability is traded as CVE-2025-9591. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #636359 / VDB-321769

Anthropic has thwarted multiple sophisticated attempts by cybercriminals to misuse its Claude AI platform, according to a newly released Threat Intelligence report. Despite layered safeguards designed to prevent harmful outputs, malicious actors have adapted to exploit Claude’s advanced capabilities, weaponizing agentic AI to execute large-scale extortion, employment fraud, and ransomware operations. In one high-profile case […]

The post Hackers Attempted to Misuse Claude AI to Launch Cyber Attacks appeared first on Cyber Security News.

Submit #636187 / VDB-321768

Submit #636186 / VDB-321767