Aggregator

Phishing Campaign Uses Blob URLs to Bypass Email Security and Avoid Detection

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
10 months 2 weeks ago

Cybersecurity researchers at Cofense Intelligence have identified a sophisticated phishing tactic leveraging Blob URIs (Uniform Resource Identifiers) to deliver credential phishing pages directly to users’ inboxes while evading traditional email security measures. Blob URIs, typically used by browsers to handle temporary data like images, audio, or video files, are now being weaponized by threat actors […]

The post Phishing Campaign Uses Blob URLs to Bypass Email Security and Avoid Detection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

ASUS Patches DriverHub RCE Flaws Exploitable via HTTP and Crafted .ini Files

The Hackers News
10 months 2 weeks ago
ASUS has released updates to address two security flaws impacting ASUS DriverHub that, if successfully exploited, could enable an attacker to leverage the software in order to achieve remote code execution. DriverHub is a tool that's designed to automatically detect the motherboard model of a computer and display necessary driver updates for subsequent installation by communicating with a
The Hacker News

Google Reaches $1.4 Billion Privacy Settlement With Texas

Ransomware DataBreachToday.com
10 months 2 weeks ago
State Accused Tech Giant of Geolocation, Incognito Search, Biometric Violations
Texas has reached a nearly $1.4 billion settlement agreement with technology giant Alphabet after accusing its Google subsidiary of violating state privacy laws via its geolocation, incognito search and biometric data capture and retention practices.

CVE-2025-45835 | Netis WF2880 2.1.40207 Environment Variable cgitest.cgi FUN_004904c8 CONTENT_LENGTH null pointer dereference

VulDB Recent Entries
10 months 2 weeks ago
A vulnerability classified as problematic has been found in Netis WF2880 2.1.40207. This affects the function FUN_004904c8 of the file cgitest.cgi of the component Environment Variable Handler. The manipulation of the argument CONTENT_LENGTH leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2025-45835. The attack can only be initiated within the local network. There is no exploit available.
vuldb.com

CVE-2020-0882 | Microsoft Windows up to Server 2019 GDI information disclosure

Vuldb Updates
10 months 2 weeks ago
A vulnerability was found in Microsoft Windows. It has been classified as problematic. This affects an unknown part of the component GDI. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2020-0882. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

Managed ad