Aggregator

A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.10. Affected by this issue is some unknown functionality of the file /intranet/educar_motivo_afastamento_cad.php. The manipulation of the argument nm_motivo leads to cross site scripting. This vulnerability is handled as CVE-2025-8545. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

Мозг на Intel i7, крутящий момент как у электровелосипеда и никакой паники.

The Russian cybercrime group attacked more than 180 organizations before members abandoned the brand and dispersed to new ransomware groups earlier this year.

The post Details emerge on BlackSuit ransomware takedown appeared first on CyberScoop.

The decision in the civil case against Meta over how it handled data from the Flo period tracking app represents a significant loss for the tech giant, privacy advocates say.

Microsoft announced that the transcription, dictation, and read aloud features will stop working in older versions of Office 365 applications in late January 2026. [...]

A sophisticated new cybercriminal campaign has emerged, leveraging a Python-based information stealer known as PXA Stealer to orchestrate one of the most extensive data theft operations observed in recent months. The malware, which first surfaced in late 2024, has evolved into a highly evasive multi-stage operation that has successfully compromised over 4,000 unique victims across […]

The post New Python-Based PXA Stealer Via Telegram Stolen 200,000 Unique Passwords and Hundreds of Credit Cards appeared first on Cyber Security News.

Baden-Württemberg State Association for Prevention & Rehabilitation gGmbH Falls Victim to Brain Cipher Ransomware

A likely zero-day vulnerability in SonicWall’s Secure Mobile Access (SMA) VPNs and firewall appliances is being actively exploited in the wild, enabling attackers to bypass multi-factor authentication (MFA) and deploy ransomware within hours of the initial breach. Security firms, including Huntress, Arctic Wolf, and Sophos, have reported a recent surge in high-severity incidents targeting these […]

The post SonicWall VPNs Actively Exploited for 0-Day Vulnerability to Bypass MFA and Deploy Ransomware appeared first on Cyber Security News.

CVE-2025-54574 превращает обычный URN-запрос в оружие массового поражения.

The cybercrime D4rk4rmy added the Monte-Carlo Société des Bains de Mer to the list of victims on its Tor dark web leak site. The cybercrime group D4rk4rmy claimed the hack of Monte-Carlo Société des Bains de Mer (SBM). The company is Monaco’s premier luxury hospitality group, established in 1863. It operates iconic properties like the […]