Aggregator

Submit #634083 / VDB-321337

Submit #634082 / VDB-321336

Submit #634081 / VDB-321335

Submit #634080 / VDB-321334

Submit #634079 / VDB-321333

In late June 2025, a significant operational dump from North Korea’s Kimsuky APT group surfaced on a dark-web forum, exposing virtual machine images, VPS infrastructure, customized malware and thousands of stolen credentials. This leak offers an unprecedented window into the group’s espionage toolkit, revealing how Kimsuky conducts phishing campaigns, maintains persistence and evades detection within […]

The post Kimsuky APT Data Leak – GPKI Certificates, Rootkits and Cobalt Strike Personal Uncovered appeared first on Cyber Security News.

Creator, Author and Presenter: Carson Zimmerman

Our deep appreciation to Security BSides - San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s events held at the lauded CityView / AMC Metreon - certainly a venue like no other; and via the organization's YouTube channel.

Additionally, the organization is welcoming volunteers for the BSidesSF Volunteer Force, as well as their Program Team & Operations roles. See their succinct BSidesSF 'Work With Us' page, in which, the appropriate information is to be had!

Permalink

The post BSidesSF 2025: One SOC, The Whole SOC, and Nothing But The SOC, So Help Me appeared first on Security Boulevard.

当看到这个大华的漏洞前段时间国护中已经被公开了就来分析一下这个漏洞

AI is transforming how SaaS companies find and convert customers. While traditional companies struggle with 32% conversion rates, AI-native firms hit 56%. Learn how automated GTM agents work 24/7 to spot prospects, track competitors, and optimize revenue—with real results.

The post How AI is Changing the Game for SaaS Sales Teams appeared first on Security Boulevard.

A significant data dump surfaced on DDoSecrets.com, purportedly extracted from a workstation belonging to a threat actor targeting organizations in South Korea and Taiwan. The leak, detailed in an accompanying article, attributes the activity to the North Korean advanced persistent threat (APT) group known as Kimsuky, a sophisticated actor previously highlighted in cybersecurity advisories for […]

The post Chinese APT Leverages Proxy and VPN Services to Obfuscate Infrastructure appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Newark, United States, 25th August 2025, CyberNewsWire

A vulnerability has been found in Rebuild 3.7.7 and classified as critical. Affected is the function loadDataIndex of the component com.rebuild.web.admin.rbstore.RBStoreController. This manipulation of the argument Type causes server-side request forgery. This vulnerability is handled as CVE-2024-46413. The attack can be initiated remotely. There is not any exploit available.

A vulnerability, which was classified as critical, was found in DASAN GPON ONU H660WM H660WMR210825. This impacts an unknown function of the file /cgi-bin/system_diagnostic_main.asp. The manipulation results in improper access controls. This vulnerability is known as CVE-2025-29524. It is possible to launch the attack remotely. No exploit is available.

A vulnerability, which was classified as critical, has been found in DASAN PON ONU H660WM OS H660WMR210825. This affects an unknown function of the component Modem Control Panel. The manipulation leads to use of default credentials. This vulnerability is traded as CVE-2025-29525. It is possible to initiate the attack remotely. There is no exploit available.

ScreenConnect cloud administrators across all region and industries are being targeted with fake email alerts warning about a potentially suspicious login event. The goal of the attackers is to grab the login credentials and MFA tokens of Super Admins: users who have full control over their organization’s ScreenConnect deployment. The campaign ScreenConnect, by US company ConnectWise, is a popular remote support and access solution tailored for IT departments and managed service providers (MSPs). The platform … More →

The post ScreenConnect admins targeted with spoofed login alerts appeared first on Help Net Security.

A vulnerability classified as critical was found in D-Link DSL-7740C DSL7740C.V6.TR069.20211230. The impacted element is the function ping. Executing manipulation can lead to command injection. This vulnerability appears as CVE-2025-29522. The attack may be performed from a remote location. There is no available exploit.

A vulnerability classified as critical has been found in D-Link D-Link DI-8100 16.07.26A1. The affected element is the function qj_asp. Performing manipulation of the argument val/id results in buffer overflow. This vulnerability is reported as CVE-2025-51281. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability described as very critical has been identified in D-Link DSL-7740C DSL7740C.V6.TR069.20211230. Impacted is an unknown function. Such manipulation leads to use of default credentials. This vulnerability is documented as CVE-2025-29521. The attack can be executed remotely. There is not any exploit available.

A vulnerability marked as critical has been reported in DASAN GPON ONU H660WM H660WMR210825. This issue affects some unknown processing of the component UPnP Protocol WAN Handler. This manipulation causes improper access controls. This vulnerability is registered as CVE-2025-44178. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability labeled as critical has been found in D-Link DSL-7740C DSL7740C.V6.TR069.20211230. This vulnerability affects unknown code of the component Maintenance Module. The manipulation results in improper access controls. This vulnerability is cataloged as CVE-2025-29520. The attack may be launched remotely. There is no exploit available.