Submit #616175: code-projects Online Appointment Booking System V1.0 SQL injection [Accepted]
Submit #616175 / VDB-316764
Aggregator
Submit #616103: JeeSite https://github.com/thinkgem/jeesite5 <=5.12.0 Open Redirect [Accepted]
1 week 3 days ago
Submit #616103 / VDB-316758
ZAST.AI
4 ГБ в один клик, GigaChat и Госключ: что уже умеет мессенджер MAX
1 week 3 days ago
Минцифры раскрыло, какие функции появятся в национальном мессенджере.
Massistant: Chinese Mobile Forensic Tool Accesses SMS, Images, Audio, and GPS Data
1 week 3 days ago
Cybersecurity researchers at Lookout Threat Lab have uncovered a sophisticated mobile forensics application called Massistant, deployed by Chinese law enforcement to extract comprehensive data from confiscated mobile devices. The tool represents a significant evolution from its predecessor MFSocket, incorporating advanced capabilities to bypass device security measures and collect sensitive information including SMS messages, images, audio […]
The post Massistant: Chinese Mobile Forensic Tool Accesses SMS, Images, Audio, and GPS Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
CVE-2025-7762 | D-Link DI-8100 16.07.26A1 HTTP Request /menu_nat_more.asp stack-based overflow (EUVD-2025-21829)
1 week 3 days ago
A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07.26A1. This issue affects some unknown processing of the file /menu_nat_more.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow.
The identification of this vulnerability is CVE-2025-7762. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #615796: D-Link DI-8100 16.07.26A1 Buffer Overflow [Accepted]
1 week 3 days ago
Submit #615796 / VDB-316757
XiDP
Akira
1 week 4 days ago
You must login to view this content
cohenido
Alleged Sale of Premium Cross-Platform RCS Exploit Chain Targeting Windows, Android, and macOS
1 week 4 days ago
Alleged Sale of Premium Cross-Platform RCS Exploit Chain Targeting Windows, Android, and macOS
Dark Web Informer - Cyber Threat Intelligence
CVE-2025-51630 | TOTOLINK N350RT 9.3.5u.6139_B20201216 setIpPortFilterRules ePort buffer overflow (EUVD-2025-21773)
1 week 4 days ago
A vulnerability classified as critical was found in TOTOLINK N350RT 9.3.5u.6139_B20201216. This vulnerability affects the function setIpPortFilterRules. The manipulation of the argument ePort leads to buffer overflow.
This vulnerability was named CVE-2025-51630. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-40924 | HAARG Catalyst::Plugin::Session up to 0.43 on Perl rand generation of predictable numbers or identifiers (EUVD-2025-21775)
1 week 4 days ago
A vulnerability classified as problematic has been found in HAARG Catalyst::Plugin::Session up to 0.43 on Perl. This affects the function rand. The manipulation leads to generation of predictable numbers or identifiers.
This vulnerability is uniquely identified as CVE-2025-40924. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-53909 | mailcow-dockerized 2024-07 special elements used in a template engine (EUVD-2025-21774)
1 week 4 days ago
A vulnerability was found in mailcow-dockerized 2024-07. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improper neutralization of special elements used in a template engine.
This vulnerability is handled as CVE-2025-53909. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Armenian Hacker Extradited to U.S. After Ransomware Attacks on Tech Firms
1 week 4 days ago
An Armenian national has been extradited from Ukraine to the United States to face federal charges for his alleged involvement in a series of Ryuk ransomware attacks and an extortion conspiracy that targeted U.S. companies, including a technology firm in Oregon. Karen Serobovich Vardanyan, 33, was extradited to the U.S. on June 18, 2025, and […]
The post Armenian Hacker Extradited to U.S. After Ransomware Attacks on Tech Firms appeared first on Cyber Security News.
Guru Baran
Akira
1 week 4 days ago
You must login to view this content
cohenido
CVE-2025-53927 | MaxKB up to 1.x shutil.copy2 code injection (EUVD-2025-21772)
1 week 4 days ago
A vulnerability was found in MaxKB up to 1.x. It has been declared as critical. Affected by this vulnerability is the function shutil.copy2. The manipulation leads to code injection.
This vulnerability is known as CVE-2025-53927. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Akira
1 week 4 days ago
You must login to view this content
cohenido
Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner
1 week 4 days ago
Cybersecurity researchers have discovered a new campaign that exploits a known security flaw impacting Apache HTTP Server to deliver a cryptocurrency miner called Linuxsys.
The vulnerability in question is CVE-2021-41773 (CVSS score: 7.5), a high-severity path traversal vulnerability in Apache HTTP Server version 2.4.49 that could result in remote code execution.
"The attacker leverages
The Hacker News
SquareX Collaborates With Top Fortune 500 CISOs To Launch The Browser Security Field Manual At Black Hat
1 week 4 days ago
Palo Alto, California, July 17th, 2025, CyberNewsWire SquareX announced the official launch of The Browser Security Field Manual at Black Hat USA 2025. In addition to a comprehensive practical guide to the latest TTPs attackers are using to target employees in the browser, this comprehensive manual features industry perspectives from leading CISOs from multiple Fortune […]
The post SquareX Collaborates With Top Fortune 500 CISOs To Launch The Browser Security Field Manual At Black Hat appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
CyberNewswire
90 суток без сна и топлива. Этот дрон будет фиксировать с высоты каждый ваш шаг
1 week 4 days ago
Если Skydweller поднялся — он не вернётся, пока не увидит всё, что хотел.
Chinese State-Sponsored Hackers Target Semiconductor Industry with Weaponized Cobalt Strike
1 week 4 days ago
Proofpoint Threat Research has identified a sophisticated multi-pronged cyberespionage campaign targeting Taiwan’s semiconductor industry between March and June 2025. Three distinct Chinese state-sponsored threat actors, designated as UNK_FistBump, UNK_DropPitch, and UNK_SparkyCarp, conducted coordinated phishing operations against organizations spanning semiconductor manufacturing, design, testing, supply chain entities, and financial investment analysts specializing in the Taiwanese semiconductor market. […]
The post Chinese State-Sponsored Hackers Target Semiconductor Industry with Weaponized Cobalt Strike appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
Why Cybersecurity Still Matters for America's Schools
1 week 4 days ago
Cyberattacks on educational institutions are growing. But with budget constraints and funding shortfalls, leadership teams are questioning whether — and how — they can keep their institutions safe.
Chester Moyer