[webapps] esm-dev 136 - Path Traversal
esm-dev 136 - Path Traversal
Aggregator
[webapps] Summar Employee Portal 3.98.0 - Authenticated SQL Injection
1 week 1 day ago
Summar Employee Portal 3.98.0 - Authenticated SQL Injection
重磅新规解读《能源行业数据安全管理办法(试行)》
1 week 1 day ago
新规将于2026年7月1日施行。
Daily Dose of Dark Web Informer for the 15th of December 2025
1 week 1 day ago
This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
Dark Web Informer
Google is shutting down its dark web report feature in January
1 week 1 day ago
Google is discontinuing its "dark web report" security tool, stating that it wants to focus on other tools it believes are more helpful. [...]
Mayank Parmar
Askul confirms theft of 740k customer records in ransomware attack
1 week 1 day ago
Japanese e-commerce giant Askul Corporation has confirmed that RansomHouse hackers stole around 740,000 customer records in the ransomware attack it suffered in October. [...]
Bill Toulas
Threat Attack Update for the 15th of December 2025
1 week 1 day ago
Threat Attack Update for the 15th of December 2025
Dark Web Informer
Ransomware Attack Update for the 15th of December 2025
1 week 1 day ago
Ransomware Attack Update for the 15th of December 2025
Dark Web Informer
Удалили оскорбление в комментариях? Поздравляем, вы только что стёрли улику. Как жертвы кибербуллинга сами уничтожают шансы на правосудие
1 week 1 day ago
5 шагов от скриншота до суда — полная инструкция для жертв травли в 2025.
The art of concealment: How cybercriminals are becoming and remaining anonymous
1 week 1 day ago
SANS Digital Forensics and Incident Response
New SantaStealer malware steals data from browsers, crypto wallets
1 week 1 day ago
A new malware-as-a-service (MaaS) information stealer named SantaStealer is being advertised on Telegram and hacker forums as operating in memory to avoid file-based detection. [...]
Bill Toulas
How Cyber Insurance MGAs Shape Policies for Evolving Cyber-Risks
1 week 1 day ago
Managing general agents help insurers navigate sectors where they lack expertise. A cybersecurity policy written by an MGA is more likely to reflect an understanding of the risks CISOs deal with.
Ericka Chickowski, Contributing Writer
Anubis
1 week 1 day ago
You must login to view this content
cohenido
Texas sues 5 smart TV manufacturers over data collection practices
1 week 1 day ago
Texas' attorney general, who is suing under the Texas Deceptive Trade Practices Act, says ACR technology violates Texas law because of how it collects consumer data without the user’s knowledge or consent.
PornHub extorted after hackers steal Premium member activity data
1 week 1 day ago
Adult video platform PornHub is being extorted by the ShinyHunters extortion gang after the search and watch history of its Premium members was reportedly stolen in a recent Mixpanel data breach. [...]
Lawrence Abrams
Apple Patches More Zero-Days Used in 'Sophisticated' Attack
1 week 1 day ago
Two Apple zero-day vulnerabilities discovered this month have overlap with another mysterious zero-day flaw Google patched last week.
Alexander Culafi
Полмиллиарда рублей за разблокировку. Хакеры установили исторический рекорд по сумме выкупа в России
1 week 1 day ago
F6: в публичном доступе в 2025 году оказалось более 760 млн строк с данными россиян.
Nation-State and Cybercrime Exploits Tied to React2Shell
1 week 1 day ago
2 More Vulnerabilities Need Patching in React Server Components, Warns Vercel
Mass exploitation of the "React2Shell" - CVE-2025-55182 - vulnerability remains underway by nation-state hackers tied to China, North Korea and Iran, as well as financially motivated cybercriminals running everything from cryptomining malware to DDoS services, security experts warn.
Mass exploitation of the "React2Shell" - CVE-2025-55182 - vulnerability remains underway by nation-state hackers tied to China, North Korea and Iran, as well as financially motivated cybercriminals running everything from cryptomining malware to DDoS services, security experts warn.
Submit #715521: Ilevia Srl Ilevia EVE X1/X5 Server 4.6.5.0.eden Command Injection [Duplicate]
1 week 1 day ago
Submit #715521 / VDB-334802
Yiding
Submit #707198: Shenzhen Ningyuanda Technology Co., Ltd. TC155 IP Camera Firmware version: 57.0.2.0 Unauthenticated ONVIF PTZ Full Remote Camera Control [Accepted]
1 week 1 day ago
Submit #707198 / VDB-336522
keroomi