Aggregator
Lumma 信息窃取恶意软件在遭受执法打击后卷土重来
9 months ago
安全客
英特尔宣布终止 Clear Linux 项目,GitHub 仓库已归档
9 months ago
安全客
Threat Actor Mimo Targets Magento and Docker to Deploy Crypto Miners and Proxyware
9 months ago
The threat actor behind the exploitation of vulnerable Craft Content Management System (CMS) instances has shifted its tactics to target Magento CMS and misconfigured Docker instances.
The activity has been attributed to a threat actor tracked as Mimo (aka Hezb), which has a long history of leveraging N-day security flaws in various web applications to deploy cryptocurrency miners.
"Although
The Hacker News
2025AI Agent元年:当智能体拥有“行动力”,AI如何真正融入企业业务?
9 months ago
安全客
ChatGPT is rolling out 'personality' toggles to become your assistant
9 months ago
OpenAI is rolling out a new "personality" feature on the ChatGPT web app. This allows you to choose between multiple personalities, such as "Robot." [...]
Mayank Parmar
Заходят как свои — ломают как враги. Новый вымогатель под маской Windows
9 months ago
Всего за год компания успела поразить десятки крупных компаний, включая больницы.
How Businesses Prevent Credential Theft with Early Phishing Detection
9 months ago
Phishing attacks are evolving rapidly, allowing cybercriminals to bypass traditional security systems like email filters and static defenses. As a result, many businesses are left vulnerable to credential theft, often without realizing the threat until it’s too late. Early detection is key, and real-time analysis of suspicious emails, links, and files in a secure environment offers the solution. Let’s explore […]
The post How Businesses Prevent Credential Theft with Early Phishing Detection appeared first on Cyber Security News.
Balaji N
JavaScript Form-Data security advisory (AV25-448)
9 months ago
Canadian Centre for Cyber Security
Profil3r: An OSINT tool that allows you to find potential profiles of a person on social networks, as well as their email addresses
9 months ago
Profil3r: An OSINT tool that allows you to find potential profiles of a person on social networks, as well as their email addresses
Dark Web Informer - Cyber Threat Intelligence
CVE-2024-22653 | yasm 9defefae section.c yasm_section_bcs_append null pointer dereference (Nessus ID 242594)
9 months ago
A vulnerability, which was classified as problematic, has been found in yasm 9defefae. Affected by this issue is the function yasm_section_bcs_append of the file section.c. The manipulation leads to null pointer dereference.
This vulnerability is handled as CVE-2024-22653. The attack needs to be approached within the local network. There is no exploit available.
vuldb.com
XSS.IS Cybercrime Forum Seized After Admin Arrested in Ukraine
9 months ago
XSS.IS has been seized after its admin was arrested in Ukraine, however its dark web and mirror domains only show a 504 Gateway Timeout error.
Waqas
Everest
9 months ago
You must login to view this content
cohenido
Everest
9 months ago
You must login to view this content
cohenido
Everest
9 months ago
You must login to view this content
cohenido
CVE-2025-46001 | Filemanager 2.3.0 PHP File is_allowed_file_type unrestricted upload (Exploit 38895 / EUVD-2025-21880)
9 months ago
A vulnerability, which was classified as critical, was found in Filemanager 2.3.0. Affected is the function is_allowed_file_type of the component PHP File Handler. The manipulation leads to unrestricted upload.
This vulnerability is traded as CVE-2025-46001. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-7242 | CADImage Plugin on IrfanView DWG File Parser out-of-bounds (EUVD-2025-22245)
9 months ago
A vulnerability classified as critical has been found in CADImage Plugin on IrfanView. This affects an unknown part of the component DWG File Parser. The manipulation leads to out-of-bounds read.
This vulnerability is uniquely identified as CVE-2025-7242. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-7243 | CADImage Plugin on IrfanView DWG File Parser memory corruption (EUVD-2025-22244)
9 months ago
A vulnerability classified as critical was found in CADImage Plugin on IrfanView. This vulnerability affects unknown code of the component DWG File Parser. The manipulation leads to memory corruption.
This vulnerability was named CVE-2025-7243. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-7261 | CADImage Plugin on IrfanView DWG File Parser out-of-bounds (EUVD-2025-22226)
9 months ago
A vulnerability was found in CADImage Plugin on IrfanView. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component DWG File Parser. The manipulation leads to out-of-bounds read.
This vulnerability is known as CVE-2025-7261. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-42947 | SAP FICA ODN framework up to SAPSCORE 132 inject code injection (EUVD-2025-22407)
9 months ago
A vulnerability, which was classified as critical, was found in SAP FICA ODN framework up to SAPSCORE 132. Affected is an unknown function. The manipulation of the argument inject leads to code injection.
This vulnerability is traded as CVE-2025-42947. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com