Aggregator

为了提升自己的开发能力和安全意识，我决定对这套系统的CSRF漏洞进行一次漏洞挖掘和代码审计，并将整个过程记录下来。

A subgroup of Russia’s Sandworm APT has been working to achieve initial and persistent access to the IT networks of organizations working in economic sectors Russia is interested in. “In 2022, its primary focus was Ukraine, specifically targeting the energy, retail, education, consulting, and agriculture sectors. In 2023, it globalized the scope of its compromises, leading to persistent access within numerous sectors in the United States, Europe, Central Asia, and the Middle East,” Microsoft’s researchers … More →

The post Sandworm APT’s initial access subgroup hits organizations accross the globe appeared first on Help Net Security.

Cybersecurity analysts have identified that hackers are leveraging the open-source Pyramid pentesting tool to establish stealthy command-and-control (C2) communications. Originally designed as a post-exploitation framework for penetration testers, Pyramid has become an attractive option for malicious actors due to its ability to evade detection by endpoint security tools. The tool, first released on GitHub in […]

The post Cybercriminals Exploit Pyramid Pentesting Tool for Covert C2 Communications appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Anapi Group H6Web. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-1271. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Chimpstudio WP Directorybox Manager Plugin up to 2.5 on WordPress and classified as critical. This issue affects the function wp_dp_parse_request. The manipulation leads to authentication bypass using alternate channel. The identification of this vulnerability is CVE-2024-13182. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in Anapi Group H6Web and classified as critical. This vulnerability affects unknown code of the file /h6web/ha_datos_hermano.php. The manipulation of the argument pkrelated leads to authorization bypass. This vulnerability was named CVE-2025-1270. The attack can be initiated remotely. There is no exploit available.

#SNMP #TRP00F权限提升 #ktor-HTTP服务扫描 #Pandora Fms SQLI-RCE #RE #tar-Path劫持权限提升

A vulnerability, which was classified as problematic, was found in Keylime 7.12.0. This affects an unknown part of the component Database Entry Handler. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2025-1057. Access to the local network is required for this attack to succeed. There is no exploit available.

Ahead of Valentine’s Day, Chainalysis figures reveal 40% increase in losses to pig butchering, or romance baiting, scams

Foreign adversaries, including Russia, China, and Iran, are intensifying their efforts to manipulate public opinion and destabilize local communities across the United States. These campaigns, once primarily focused on national-level politics, have increasingly targeted state and local governments, community groups, and individuals. Leveraging advanced technologies such as generative artificial intelligence (AI), these actors aim to […]

The post Threat Actors in Russia, China, and Iran Targeting Local communities in the U.S appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Netskope Threat Labs has uncovered a sophisticated phishing campaign targeting users across various industries, including technology, manufacturing, and banking. This campaign, active since mid-2024, exploits search engine optimization (SEO) techniques to lure victims into downloading malicious PDFs hosted on the Webflow Content Delivery Network (CDN). These PDFs are embedded with fake CAPTCHA images that redirect […]

The post New Phishing Attacks Abuses Webflow CDN & CAPTCHAs to Steal Credit Card details appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.6.75/6.12.12/6.13.1. Affected by this issue is some unknown functionality. The manipulation leads to use after free. This vulnerability is handled as CVE-2025-21700. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A critical security vulnerability in the “Security & Malware scan by CleanTalk” plugin has left over 30,000 WordPress websites exposed to exploitation. The vulnerability, identified as CVE-2024-13365, allows unauthenticated attackers to conduct arbitrary file uploads, potentially leading to remote code execution (RCE). The flaw, assigned a CVSS score of 9.8 (Critical), affects all plugin versions up to […]

The post 30,000 WordPress Sites Exposed to Exploitation via File Upload Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Санкции США обернулись против них.

A recent ransomware attack leveraging a vulnerability in Palo Alto Networks’ PAN-OS firewall software (CVE-2024-0012) has raised significant concerns within the cybersecurity community. The attack, which targeted a medium-sized software and services company in South Asia in late 2024, is particularly alarming because it employed tools historically associated with China-based espionage groups. This marks a […]

The post Palo Alto Firewall Flaw Exploited in RA World Ransomware Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Linux Kernel up to 6.12.1. It has been declared as problematic. This vulnerability affects the function platform_get_irq of the component mfd. The manipulation leads to Privilege Escalation. This vulnerability was named CVE-2024-56723. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.12.1. Affected by this vulnerability is the function nfsd4_process_cb_update of the component NFSD. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-53217. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.1. It has been rated as critical. Affected by this issue is the function sh7760fb_alloc_mem of the component fbdev. The manipulation leads to memory leak. This vulnerability is handled as CVE-2024-56746. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.