Aggregator

A vulnerability categorized as problematic has been discovered in EKEN Video Doorbell T6 BT60PLUS_MAIN_V1.0_GC1084_20230531. Affected is an unknown function. Executing manipulation can lead to incorrect resource transfer. This vulnerability is handled as CVE-2025-56675. The attack can be executed remotely. There is not any exploit available.

A vulnerability was found in Validator.js up to 13.15.15. It has been rated as problematic. This impacts the function isURL. Performing manipulation results in open redirect. This vulnerability is known as CVE-2025-56200. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability was found in Dify 1.6.0. It has been declared as critical. This affects an unknown function of the component controllers.console.remote_files.RemoteFileUploadApi. Such manipulation leads to server-side request forgery. This vulnerability is traded as CVE-2025-56520. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Rapid7 AppSpider Pro up to 7.5.020. It has been classified as critical. The impacted element is an unknown function of the component Project Name Handler. This manipulation causes improper authorization. This vulnerability appears as CVE-2025-11195. The attack requires local access. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability was found in NVIDIA License System and classified as problematic. The affected element is an unknown function of the component Delegated Licensing Service. The manipulation results in improper neutralization of special elements in data query logic. This vulnerability is reported as CVE-2025-23292. The attacker must have access to the local network to execute the attack. No exploit exists.

A vulnerability has been found in Liferay Portal and DXP and classified as problematic. Impacted is an unknown function. The manipulation of the argument _com_liferay_portal_security_audit_web_portlet_AuditPortlet_auditEventId leads to authorization bypass. This vulnerability is documented as CVE-2025-43827. The attack can be initiated remotely. There is not any exploit available.

A vulnerability, which was classified as critical, was found in NVIDIA License System. This issue affects some unknown processing of the component Delegated Licensing Service. Executing manipulation can lead to missing authentication. This vulnerability is registered as CVE-2025-23293. The attack requires access to the local network. No exploit is available.

A vulnerability, which was classified as problematic, has been found in NVIDIA License System. This vulnerability affects unknown code of the component Delegated Licensing Service. Performing manipulation results in cleartext storage of sensitive information. This vulnerability is cataloged as CVE-2025-23291. The attack must originate from the local network. There is no exploit available.

A vulnerability classified as critical was found in LiquidFiles Filetransfer Server up to 4.2. This affects an unknown part. Such manipulation leads to weak password recovery. This vulnerability is listed as CVE-2025-56132. The attack must be carried out from within the local network. There is no available exploit.

A vulnerability classified as problematic has been found in Dependencies.sol 0.8.17. Affected by this issue is the function _transfer of the component ERC721. This manipulation causes an unknown weakness. This vulnerability is tracked as CVE-2025-56207. The attack is possible to be carried out remotely. No exploit exists.

A sophisticated attack campaign targeting improperly managed Microsoft SQL servers has emerged, deploying the XiebroC2 command and control framework to establish persistent access to compromised systems. The attack leverages vulnerable credentials on publicly accessible database servers, allowing threat actors to gain initial foothold and escalate privileges through a multi-stage deployment process. XiebroC2, a publicly available […]

The post Threat Actors Hijacking MS-SQL Server to Deploy XiebroC2 Framework appeared first on Cyber Security News.

A vulnerability described as problematic has been identified in NiceHash QuickMiner 6.12.0. Affected by this vulnerability is an unknown functionality of the component Digital Signature Handler. The manipulation results in cryptographic issues. This vulnerability is identified as CVE-2025-56513. The attack can be executed remotely. There is not any exploit available.

A vulnerability marked as critical has been reported in Karthikg1908 Hospital Management System 1.0. Affected is an unknown function of the file user-login.php of the component POST Parameter Handler. The manipulation of the argument username/password leads to sql injection. This vulnerability is referenced as CVE-2025-57254. Remote exploitation of the attack is possible. No exploit is available.

IOC Alert: Lumma Stealer Command-and-Control Domain Identified

Creator, Author and Presenter: Daniele Romanini, Resolve

Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel.

Permalink

The post USENIX 2025: PEPR ’25 – Unlocking Cross-Organizational Insights: Practical MPC for Cloud-Based Data Analytics appeared first on Security Boulevard.

A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into interactive lures that bypass email security and redirect victims to credential theft or malware downloads. [...]

Cybersecurity researchers at Palo Alto Networks' Unit 42 say Chinese APT Phantom Taurus breached Microsoft Exchange servers for years using a backdoor to spy on diplomats and defense data.

A group of academics from KU Leuven and the University of Birmingham has demonstrated a new vulnerability called Battering RAM to bypass the latest defenses on Intel and AMD cloud processors. "We built a simple, $50 interposer that sits quietly in the memory path, behaving transparently during startup and passing all trust checks," researchers Jesse De Meulemeester, David Oswald, Ingrid

Canadian airline WestJet is informing customers that the cyberattack disclosed in June compromised their sensitive information, including passports and ID documents. [...]

In recent months, a surge in targeted intrusions attributed to the Iranian-aligned threat group APT35 has set off alarm bells across government and military networks worldwide. First detected in early 2025, the campaign leverages custom-built malware to infiltrate secure perimeters and harvest user credentials. Initial indicators of compromise point to spear-phishing emails with HTML attachments […]

The post APT35 Hackers Attacking Government, Military Organizations to Steal Login Credentials appeared first on Cyber Security News.