Aggregator
New SantaStealer malware steals data from browsers, crypto wallets
1 week 1 day ago
A new malware-as-a-service (MaaS) information stealer named SantaStealer is being advertised on Telegram and hacker forums as operating in memory to avoid file-based detection. [...]
Bill Toulas
How Cyber Insurance MGAs Shape Policies for Evolving Cyber-Risks
1 week 1 day ago
Managing general agents help insurers navigate sectors where they lack expertise. A cybersecurity policy written by an MGA is more likely to reflect an understanding of the risks CISOs deal with.
Ericka Chickowski, Contributing Writer
Anubis
1 week 1 day ago
You must login to view this content
cohenido
Texas sues 5 smart TV manufacturers over data collection practices
1 week 1 day ago
Texas' attorney general, who is suing under the Texas Deceptive Trade Practices Act, says ACR technology violates Texas law because of how it collects consumer data without the user’s knowledge or consent.
PornHub extorted after hackers steal Premium member activity data
1 week 1 day ago
Adult video platform PornHub is being extorted by the ShinyHunters extortion gang after the search and watch history of its Premium members was reportedly stolen in a recent Mixpanel data breach. [...]
Lawrence Abrams
Apple Patches More Zero-Days Used in 'Sophisticated' Attack
1 week 1 day ago
Two Apple zero-day vulnerabilities discovered this month have overlap with another mysterious zero-day flaw Google patched last week.
Alexander Culafi
Полмиллиарда рублей за разблокировку. Хакеры установили исторический рекорд по сумме выкупа в России
1 week 1 day ago
F6: в публичном доступе в 2025 году оказалось более 760 млн строк с данными россиян.
Nation-State and Cybercrime Exploits Tied to React2Shell
1 week 1 day ago
2 More Vulnerabilities Need Patching in React Server Components, Warns Vercel
Mass exploitation of the "React2Shell" - CVE-2025-55182 - vulnerability remains underway by nation-state hackers tied to China, North Korea and Iran, as well as financially motivated cybercriminals running everything from cryptomining malware to DDoS services, security experts warn.
Mass exploitation of the "React2Shell" - CVE-2025-55182 - vulnerability remains underway by nation-state hackers tied to China, North Korea and Iran, as well as financially motivated cybercriminals running everything from cryptomining malware to DDoS services, security experts warn.
Submit #715521: Ilevia Srl Ilevia EVE X1/X5 Server 4.6.5.0.eden Command Injection [Duplicate]
1 week 1 day ago
Submit #715521 / VDB-334802
Yiding
Submit #707198: Shenzhen Ningyuanda Technology Co., Ltd. TC155 IP Camera Firmware version: 57.0.2.0 Unauthenticated ONVIF PTZ Full Remote Camera Control [Accepted]
1 week 1 day ago
Submit #707198 / VDB-336522
keroomi
Submit #707197: Shenzhen Ningyuanda Technology Co., Ltd. TC155 IP Camera Firmware version: 57.0.2.0 Unauthenticated Hard Reset via ONVIF SetSystemFactoryDefault [Accepted]
1 week 1 day ago
Submit #707197 / VDB-336521
keroomi
Submit #707196: Shenzhen Ningyuanda Technology Co., Ltd. TC155 IP Camera Firmware version: 57.0.2.0 Improper Check or Handling of Exceptional Conditions [Accepted]
1 week 1 day ago
Submit #707196 / VDB-336520
keroomi
Submit #707195: Shenzhen Ningyuanda Technology Co., Ltd. TC155 IP Camera Firmware Version 57.0.2.0 Missing Critical Step in Authentication [Accepted]
1 week 1 day ago
Submit #707195 / VDB-336519
keroomi
CVE-2025-67842
1 week 1 day ago
Currently trending CVE - Hype Score: 19
CVE-2025-67845
1 week 1 day ago
Currently trending CVE - Hype Score: 19
CVE-2025-67843
1 week 1 day ago
Currently trending CVE - Hype Score: 19
CVE-2025-67846
1 week 1 day ago
Currently trending CVE - Hype Score: 19
CVE-2025-46279
1 week 1 day ago
Currently trending CVE - Hype Score: 21
CVE-2025-14174
1 week 1 day ago
Currently trending CVE - Hype Score: 2 - Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)