Aggregator

Власть в одних руках закончилась — и новые руки уже тянутся к ядру.

OpenAI has revealed that it banned a set of ChatGPT accounts that were likely operated by Russian-speaking threat actors and two Chinese nation-state hacking groups to assist with malware development, social media automation, and research about U.S. satellite communications technologies, among other things. "The [Russian-speaking] actor used our models to assist with developing and refining

A vulnerability was found in Broadstreet Plugin up to 1.51.7 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-4652. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Newsletter Plugin up to 8.84 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Form Setting Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-3582. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Newsletter Plugin up to 8.8.4 on WordPress. Affected is an unknown function of the component Widget Option Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-3581. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

In the rapidly shifting digital world, cybersecurity professionals are constantly seeking innovative tools that not only streamline workflows but also empower users with deeper insights and automation. Enter Kali GPT—a groundbreaking AI assistant tailored specifically for the Kali Linux ecosystem, engineered by XIS10CIAL. This article explores the genesis, capabilities, and tangible advantages of Kali GPT, […]

The post Kali GPT-Revolutionizing Penetration Testing with AI on Kali Linux appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability, which was classified as problematic, has been found in RocketChat up to 7.6.1. This issue affects the function parseMessage of the file /apps/meteor/app/irc/server/servers/RFC2813/parseMessage.js. The manipulation of the argument line leads to inefficient regular expression complexity. The identification of this vulnerability is CVE-2025-5892. The attack may be initiated remotely. Furthermore, there is an exploit available.

Submit #585751 / VDB-311663

A vulnerability classified as problematic was found in Unitech pm2 up to 6.0.6. This vulnerability affects unknown code of the file /lib/tools/Config.js. The manipulation leads to inefficient regular expression complexity. This vulnerability was named CVE-2025-5891. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic has been found in actions toolkit 0.5.0. This affects the function globEscape of the file toolkit/packages/glob/src/internal-pattern.ts of the component glob. The manipulation leads to inefficient regular expression complexity. This vulnerability is uniquely identified as CVE-2025-5890. It is possible to initiate the attack remotely. There is no exploit available.

Linus Torvalds 在内核邮件列表上宣布释出了 Linux 6.16-rc1，关闭了合并窗口，正式版预计将在 7 月底左右释出。Linux 6.16-rc1 的主变化包括：改进性能，支持 AMD 和英特尔的新硬件，Nouveau 驱动支持英伟达 Blackwell 和 Hopper GPU，英特尔 APX 初步支持，USB 音频分流（Offloading），sysfs 报告硬/软锁死次数的，OpenVPN DCO 驱动等等。

Submit #585750 / VDB-311662

Submit #585727 / VDB-311661

Операция Eagle Flush сорвала маску с международной схемы киберобучения аферистов.

A vulnerability was found in juliangruber brace-expansion up to 1.1.11. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. This vulnerability is handled as CVE-2025-5889. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Tenda AC7 15.03.06.44 and classified as critical. This vulnerability affects the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. This vulnerability was named CVE-2025-5861. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Tenda AC7 15.03.06.44 and classified as critical. This issue affects the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The identification of this vulnerability is CVE-2025-5862. The attack may be initiated remotely. Furthermore, there is an exploit available.

Submit #585717 / VDB-311660

A recent investigation by Genians Security Center (GSC) has uncovered a highly sophisticated, multi-channel cyber espionage campaign attributed to the North Korea-aligned advanced persistent threat (APT) group known as Kimsuky. Between March and April 2025, the group leveraged Facebook, email, and Telegram to infiltrate targets primarily within the defense sector, North Korea-related activists, and cryptocurrency […]

The post Kimsuky Strikes Again – Coordinated Attacks Target Facebook, Email, and Telegram appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is known as CVE-2025-5888. The attack can be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.