Aggregator
CVE-2025-10358 | Wavlink WL-WN578W2 221110 /cgi-bin/wireless.cgi sub_404850 delete_list os command injection (EUVD-2025-29091)
Microsoft Windows Defender Firewall Vulnerabilities Allow Privilege Escalation
Microsoft has released security advisories for four newly discovered vulnerabilities in its Windows Defender Firewall Service that could enable attackers to elevate privileges on affected Windows systems. The flaws, tracked as CVE-2025-53808, CVE-2025-54104, CVE-2025-54109, and CVE-2025-54915, were all disclosed on September 9, 2025, and share similar characteristics. While exploitation requires local access, successful attacks could […]
The post Microsoft Windows Defender Firewall Vulnerabilities Allow Privilege Escalation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Кажется, ваш сайт на WordPress взломали. И, скорее всего, вы сами в этом виноваты
【360漏洞云】邀您共度中秋,海量福利来袭!
CVE-2025-10325 | Wavlink WL-WN578W2 221110 /cgi-bin/login.cgi sub_401340/sub_401BA4 ipaddr command injection
Submit #643444: Wavlink WL-WN578W2 M78W2_V221110 Command Injection [Accepted]
Submit #643438: Wavlink WL-WN578W2 M78W2_V221110 Command Injection [Accepted]
Submit #643437: Wavlink WL-WN578W2 M78W2_V221110 Command Injection [Duplicate]
CVE-2025-10176 | The Hack Repair Guys Plugin Archiver Plugin up to 2.0.4 on WordPress prepare_items denial of service (EUVD-2025-29086)
CVE-2025-27240 | Zabbix up to 6.0.33/6.4.18/7.0.3 Visible name sql injection (EUVD-2025-29033 / WID-SEC-2025-2042)
CVE-2025-27238 | Zabbix up to 7.0.13/7.2.7 API hostprototype.get information disclosure (WID-SEC-2025-2042)
CVE-2025-7448 | Silabs Wi-SUN Stack 2.6.0 authentication spoofing (EUVD-2025-29030)
CVE-2025-27233 | Zabbix Agent 2 smartctl Plugin up to 6.0.39/7.0.10/7.2.4 Parameter smart.disk.get command injection (WID-SEC-2025-2042)
CVE-2025-27234 | Zabbix Agent 2 smartctl Plugin up to 5.0.46 Parameter smart.disk.get os command injection (EUVD-2025-29036 / WID-SEC-2025-2042)
CVE-2025-8699 | KioSoft Stored Value Unattended Payment Solution sensitive information
CVE-2025-10267 | NewType Infortech NUP Portal up to SP5.0 File Extension missing authentication (EUVD-2025-29037)
CVE-2025-10264 | Digiever DS-1200 exposure of sensitive system information to an unauthorized control sphere (EUVD-2025-29031)
EvilAI: Leveraging AI to Steal Browser Data and Evade Detection
EvilAI, a new malware family tracked by Trend™ Research, has emerged in recent weeks disguised as legitimate AI-driven utilities. These trojans sport professional user interfaces, valid code signatures, and functional features, allowing them to slip past both corporate and personal defenses undetected. Leveraging lightweight installers and AI-generated code, EvilAI rapidly establishes persistent footholds while masquerading […]
The post EvilAI: Leveraging AI to Steal Browser Data and Evade Detection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.