Aggregator

Submit #703136 / VDB-248948

Originally published at How to Check and Improve Your Email Sender Reputation by EasyDMARC.

If you’re noticing a consistently poor ROI on ...

The post How to Check and Improve Your Email Sender Reputation appeared first on EasyDMARC.

The post How to Check and Improve Your Email Sender Reputation appeared first on Security Boulevard.

A vulnerability was found in projectworlds Advanced Library Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /view_book.php. Executing manipulation of the argument book_id can lead to sql injection. This vulnerability is handled as CVE-2025-14527. The attack can be executed remotely. Additionally, an exploit exists.

Ukrainian Victoria Dubranova, 33, faces US charges for aiding pro-Russia hacktivist groups CARR and NoName057(16) in global cyberattacks. A Ukrainian woman, Victoria Dubranova (33), has been charged in the US for allegedly aiding the pro-Russia hacktivist groups Cyber Army of Russia Reborn (CARR) and NoName057(16) in cyberattacks against critical infrastructure worldwide. Dubranova was extradited to […]

A vulnerability was found in Tenda CH22 1.0.0.1. It has been classified as critical. This affects the function frmL7ImForm of the file /goform/L7Im. Performing manipulation of the argument page results in buffer overflow. This vulnerability is known as CVE-2025-14526. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

Black Duck announced the launch of Black Duck Signal, a transformative agentic AI solution engineered to secure software at the speed of AI-powered development. Signal combines Black Duck’s 20 years of software security expertise and intellectual property with LLM-powered software analysis to autonomously detect and remediate vulnerabilities in business-critical applications. As companies rapidly adopt AI coding assistants and agentic workflows, the need for application security solutions that can keep pace has never been greater. Black … More →

The post Black Duck Signal applies LLM intelligence to code and supply chain risk appeared first on Help Net Security.

A vulnerability was found in WP Job Portal Plugin up to 2.4.0 on WordPress and classified as critical. Affected by this issue is the function downloadCustomUploadedFile. Such manipulation leads to path traversal. This vulnerability is traded as CVE-2025-14293. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in GitLab Community Edition and Enterprise Edition up to 18.4.5/18.5.3/18.6.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Merge Handler. This manipulation causes escaping of output. This vulnerability appears as CVE-2025-12734. The attack may be initiated remotely. There is no available exploit. The affected component should be upgraded.

Submit #703096 / VDB-335867

A vulnerability, which was classified as problematic, was found in GitLab Community Edition and Enterprise Edition up to 18.4.5/18.5.3/18.6.1. Affected is an unknown function of the component Swagger UI. The manipulation results in cross site scripting. This vulnerability is reported as CVE-2025-12029. The attack can be launched remotely. No exploit exists. You should upgrade the affected component.

A vulnerability, which was classified as critical, has been found in GNOME Glib. This impacts the function escape_byte_string of the component Remote Fileystem Handler. The manipulation leads to integer overflow. This vulnerability is documented as CVE-2025-14512. The attack can be initiated remotely. There is not any exploit available.

Submit #703085 / VDB-327593

本次梳理出的六个网络空间安全奖项

Submit #703035 / VDB-335866

近日，微软官方发布了多个安全漏洞的公告，其中微软产品本身漏洞58个，影响到微软产品的其他厂商漏洞71个。

Submit #702974 / VDB-323022

CloudCasa announced the latest enhancements to its CloudCasa platform, adding support for accessing backup storage using SMB (Server Message Block) file-sharing protocol and support for user-selectable compression of backup data. These enhancements complement CloudCasa’s support for NFS backup storage introduced in October, enabling organizations to back up Kubernetes and containerized virtual machine workloads directly to their existing on-premises NAS devices or Windows servers, and to choose compression options appropriate for their workloads, especially useful in … More →

The post CloudCasa adds SMB support and compression controls for Kubernetes backup appeared first on Help Net Security.

«Шутка», которая стоила миллионы.

Google has released emergency updates to fix another Chrome zero-day vulnerability exploited in the wild, marking the eighth such security flaw patched since the start of the year. [...]