Aggregator

A vulnerability was found in joomcar Articles Good Search Extension up to 1.2.4.0011 on Joomla. It has been classified as critical. Affected is an unknown function. The manipulation leads to sql injection. This vulnerability is traded as CVE-2025-26854. It is possible to launch the attack remotely. There is no exploit available.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. 

• CVE-2025-25257 Fortinet FortiWeb SQL Injection Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. 

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. 

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. 

Ukraine’s CERT-UA has identified a new AI-powered malware, dubbed “LameHug,” which executes commands on compromised Windows systems in cyber-attacks, targeting the nation’s security and defense sector

A vulnerability classified as problematic was found in Leviton AcquiSuite and Energy Monitoring Hub. This vulnerability affects unknown code of the component URL Parameter Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-6185. The attack can be initiated remotely. There is no exploit available.

Cambodian police and military arrested more than 1,000 people in a crackdown on cyberscam operations that have proliferated in recent years in Southeast Asia and now are spreading globally, ensnaring hundreds of thousands of people in human trafficking schemes who are forced to run romance and other online frauds.

The post Cambodia Arrests More Than 1,000 in Cyberscam Crackdown appeared first on Security Boulevard.

A critical vulnerability in macOS allows attackers to escalate privileges to root access through misconfigured daemon services.  The vulnerability, dubbed “Daemon Ex Plist,” exploits weaknesses in how macOS handles service property list (plist) files and has been found to affect multiple popular VPN applications and other software. Key Takeaways1. macOS daemons left behind in /Library/LaunchDaemons/ […]

The post New “Daemon Ex Plist” Vulnerability Gives Attackers Root Access on macOS appeared first on Cyber Security News.

A vulnerability was found in Balbooa Gallery Component up to 2.4.0 on Joomla. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Gallery Item Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-49486. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Balbooa Forms Component up to 2.3.1.1 on Joomla. It has been classified as critical. Affected is an unknown function. The manipulation of the argument ID leads to sql injection. This vulnerability is traded as CVE-2025-49485. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in rsjoomla RSFiles Component up to 1.17.7 on Joomla and classified as problematic. This issue affects some unknown processing of the component Search. The manipulation leads to resource consumption. The identification of this vulnerability is CVE-2025-50057. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in joomsky JS Jobs Component up to 1.4.1 on Joomla and classified as critical. This vulnerability affects unknown code. The manipulation of the argument cvid leads to sql injection. This vulnerability was named CVE-2025-49484. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in ESET NOD32 Antivirus, Internet Security, Smart Security Premium, Security Ultimate, Endpoint Antivirus for Windows, Endpoint Security for Windows, Small Business Security, Safe Server, Server Security for Windows Server, Mail Security for Microsoft Exchange Server and Security for Microsoft SharePoint Server. This affects an unknown part. The manipulation leads to time-of-check time-of-use. This vulnerability is uniquely identified as CVE-2025-2425. The attack needs to be approached locally. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in rsjoomla RSBlog Component up to 1.14.5 on Joomla. Affected by this issue is some unknown functionality. The manipulation of the argument jform[tags_text] leads to cross site scripting. This vulnerability is handled as CVE-2025-50126. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in rsjoomla RSDirectory Component up to 2.2.8 on Joomla. Affected by this vulnerability is an unknown functionality of the component Review Reply. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-50058. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in rsjoomla RSMail Component up to 1.22.28 on Joomla. Affected is an unknown function. The manipulation of the argument crafted leads to cross site scripting. This vulnerability is traded as CVE-2025-50056. It is possible to launch the attack remotely. There is no exploit available.

Хакеры исчезли с криптой, оставив в блокчейне лишь цифровые следы.

We must pay attention to what holds everything together - the glue. That’s where the real MCP vulnerabilities are hiding. 

The post Critical MCP Vulnerabilities are Slipping Through the Cracks appeared first on Security Boulevard.

Hackers breached Anne Arundel Dermatology systems for three months, potentially exposing personal and health data of 1.9 million people. Anne Arundel Dermatology is a physician-owned and managed dermatology group headquartered in Maryland, founded over 50 years ago. It’s one of the largest dermatology providers in the Mid‑Atlantic and Southeastern United States, operating more than 100 […]

The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a phishing campaign that's designed to deliver a malware codenamed LAMEHUG. "An obvious feature of LAMEHUG is the use of LLM (large language model), used to generate commands based on their textual representation (description)," CERT-UA said in a Thursday advisory. The activity has been attributed with medium

Cybersecurity researchers have disclosed a critical container escape vulnerability in the NVIDIA Container Toolkit that could pose a severe threat to managed AI cloud services. The vulnerability, tracked as CVE-2025-23266, carries a CVSS score of 9.0 out of 10.0. It has been codenamed NVIDIAScape by Google-owned cloud security company Wiz. "NVIDIA Container Toolkit for all platforms contains a

Google 起诉了 25 名僵尸网络 BadBox 2.0 的中国籍运营者。Google 在起诉书中称，截至 2025 年 4 月，BadBox 2.0 感染了全世界逾 1000 万台基于 Android AOSP 系统的设备，包括电视盒、平板、投影仪和车载休闲娱乐系统。BadBox 2.0 是迄今为止发现的规模最大的联网电视僵尸网络。Google 称 BadBox 2.0 的活动干扰了 Google 与客户的关系，损害其声誉，破坏其产品和服务的价值。由于所有被告都在中国，而中美之间很少引渡嫌疑人，因此诉讼不太可能追究到任何被告的责任。