Aggregator

Submit #614974 / VDB-316248

Submit #614973 / VDB-316247

NVIDIA is urging customers to enable System-level Error Correction Codes (ECC) as a defense against a variant of a RowHammer attack demonstrated against its graphics processing units (GPUs). "Risk of successful exploitation from RowHammer attacks varies based on DRAM device, platform, design specification, and system settings," the GPU maker said in an advisory released this week. Dubbed

Submit #614977 / VDB-316120

Submit #614972 / VDB-274770

OpenAI is on the cusp of introducing a groundbreaking AI-infused web browser, slated for release in the imminent weeks, as detailed in a recent Reuters report. This innovative browser is poised to embed OpenAI’s Operator AI agent directly into its framework, enabling autonomous functionalities such as reservation bookings, form completions, and a spectrum of user-delegated […]

The post OpenAI Set to Launch AI-Powered Web Browser in the Coming Weeks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability has been found in Tenda FH1201 1.2.0.14(408) and classified as critical. This vulnerability affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. This vulnerability was named CVE-2025-7548. The attack can be initiated remotely. Furthermore, there is an exploit available.

Submit #614883 / VDB-206867

A vulnerability, which was classified as critical, was found in Campcodes Online Movie Theater Seat Reservation System 1.0. This affects the function save_movie of the file /admin/admin_class.php. The manipulation of the argument cover leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2025-7547. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #614658 / VDB-316246

Submit #614661 / VDB-274770

Submit #614659 / VDB-316114

A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfd_elf_set_group_contents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. This vulnerability is handled as CVE-2025-7546. It is possible to launch the attack on the local host. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. This vulnerability is known as CVE-2025-7545. Attacking locally is a requirement. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

Vulnerabilities in McDonald’s McHire chatbot exposed data from 64 million job applicants due to insecure internal APIs. Security researchers Ian Carroll and Sam Curry discovered multiple vulnerabilities in the McDonald’s chatbot recruitment platform McHire that exposed the personal information of over 64 million job applicants. The security duo found that McDonald’s hiring bot, built by […]

Submit #614466 / VDB-316245

Submit #614375 / VDB-316244

Submit #614355 / VDB-316243

A vulnerability classified as problematic has been found in Apache Zeppelin up to 0.11.x. Affected is an unknown function of the component Cluster Interpreter. The manipulation leads to improper control of resource through lifetime. This vulnerability is traded as CVE-2024-41169. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

Hackers have targeted the popular WordPress plugin Gravity Forms, injecting malicious code into versions downloaded from the official gravityforms.com domain. The breach was first reported on July 11, 2025, when security researchers noticed suspicious HTTP requests to the domain gravityapi.org, which was registered just days earlier on July 8, 2025. This domain, now suspended by […]

The post Hackers Compromise WordPress GravityForms Plugin with Malicious Code Injection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.