Aggregator

CVE-2025-71284 | Synway SMG Gateway Management Software 2025-07-11 RADIUS Configuration Endpoint /en/9-2radius.php os command injection

VulDB Recent Entries
1 day 10 hours ago
A vulnerability, which was classified as critical, has been found in Synway SMG Gateway Management Software 2025-07-11. The affected element is an unknown function of the file /en/9-2radius.php of the component RADIUS Configuration Endpoint. Performing a manipulation of the argument radius_address/radius_address2/shared_secret2/source_ip/timeout/retry results in os command injection. This vulnerability was named CVE-2025-71284. The attack may be initiated remotely. There is no available exploit.
vuldb.com

axios-供应链投毒事件:安装即刻触发

先知技术社区
1 day 10 hours ago
本文围绕2026年3月31日axios在npm上发生的供应链投毒事件展开分析,系统梳理了恶意版本 0.30.4 与 1.14.1 的发布时间线、投毒方式及完整攻击链,说明攻击者如何在未修改axios主体运行时代码的情况下,通过新增恶意依赖 plain-crypto-js 并利用postinstall脚本在 Windows、macOS 和 Linux 平台拉取并执行二阶段载荷。文章进一步拆解了 se

Imperva Customers Protected Against CVE-2026-41940 in cPanel & WHM

Security Boulevard
1 day 10 hours ago

What is CVE-2026-41940? CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel & WHM, including DNSOnly, in versions after 11.40. The flaw, discovered by WatchTowr Labs, exists in the login flow and allows unauthenticated remote attackers to gain unauthorized access to the control panel. The vulnerability carries a CVSS 3.1 score of 9.8 and is […]

The post Imperva Customers Protected Against CVE-2026-41940 in cPanel & WHM appeared first on Blog.

The post Imperva Customers Protected Against CVE-2026-41940 in cPanel & WHM appeared first on Security Boulevard.

Gabi Sharadin

Microsoft Windows 11 April 2026 Security Update Breaks Third-Party Backup Applications

Cyber Security News
1 day 10 hours ago

Microsoft’s April 2026 cumulative security update for Windows 11 is causing significant disruptions for users relying on third-party backup software, triggering an MS-DEFCON level 3 advisory from security patch analyst Susan Bradley at AskWoody. The problematic update, KB5083769, applies to Windows 11 versions 24H2 and 25H2 (OS Builds 26200.8246 and 26100.8246), released on April 14, […]

The post Microsoft Windows 11 April 2026 Security Update Breaks Third-Party Backup Applications appeared first on Cyber Security News.

Guru Baran

Linux Kernel Flaw ‘Copy Fail’ Exposes Widespread Privilege Escalation Risk

Security Boulevard
1 day 11 hours ago

A newly disclosed Linux kernel vulnerability is exposing a pathway for unprivileged users to gain full admin control on a wide range of systems. The flaw, identified as CVE-2026-31431 and dubbed Copy Fail, affects nearly all major Linux distros released over the past eight years. The issue stems from a logic error in the kernel’s..

The post Linux Kernel Flaw ‘Copy Fail’ Exposes Widespread Privilege Escalation Risk appeared first on Security Boulevard.

James Maguire

Zambia cancels global digital freedoms conference days before start

The Record
1 day 11 hours ago
On Tuesday, Zambia’s Minister of Technology and Science offered the first hint that the conference would be cancelled, telling a Zambian news outlet that participants’ security clearances were incomplete and that the government has concerns about the conference’s “dialogue.”

Managed ad