Aggregator

Law enforcement operation shut down dark web drug marketplace Archetyp Market(link is external)

Security Affairs
21 hours 29 minutes ago
Europol shut down Archetyp Market, a major dark web drug marketplace, in a global operation with arrests and takedowns. An international law enforcement operation led by Europol dismantled Archetyp Market, the most enduring dark web marketplace. The marketplace enabled the anonymous trade of illicit drugs, including cocaine, MDMA, amphetamines, and synthetic opioids. Between June 11 […]
Pierluigi Paganini

Malicious Payload Found in JPEG Image Using Steganography and Base64 Obfuscation(link is external)

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
21 hours 56 minutes ago

Cybersecurity enthusiast Xavier shed light on a sophisticated method of hiding malicious payloads within seemingly innocuous JPEG images. This discovery has sparked significant interest in the infosec community, as it highlights the growing complexity of cyber threats leveraging steganography the art of concealing data within other data. Through dynamic analysis, researchers can uncover these hidden […]

The post Malicious Payload Found in JPEG Image Using Steganography and Base64 Obfuscation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

Finding Your Perfect CIAM Match: A SaaS Leader’s Guide to Identity Solutions(link is external)

Security Boulevard
22 hours 1 minute ago

Selecting the right CIAM solution for your SaaS application represents a strategic decision that will impact your customer experience, development velocity, and ability to scale for years to come. The key to success lies not in choosing the solution with the most features or the lowest price, but in selecting the solution that best aligns with your specific context and growth trajectory.

The post Finding Your Perfect CIAM Match: A SaaS Leader’s Guide to Identity Solutions appeared first on Security Boulevard.

Dev Kumar

CVE-2025-49795 | libxml Schematron Schema Report xmlSchematronFormatReport null pointer dereference (EUVD-2025-18416)(link is external)

Vuldb Updates
22 hours 6 minutes ago
A vulnerability has been found in libxml and classified as problematic. This vulnerability affects the function xmlSchematronFormatReport of the component Schematron Schema Report Handler. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2025-49795. The attack can be initiated remotely. There is no exploit available.
vuldb.com

CVE-2025-6123 | code-projects Restaurant Order System 1.0 /payment.php tabidNoti sql injection (EUVD-2025-18411)(link is external)

Vuldb Updates
22 hours 6 minutes ago
A vulnerability has been found in code-projects Restaurant Order System 1.0 and classified as critical. This vulnerability affects unknown code of the file /payment.php. The manipulation of the argument tabidNoti leads to sql injection. This vulnerability was named CVE-2025-6123. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

U.S. Seizes $7.74M in Crypto Tied to North Korea’s Global Fake IT Worker Network(link is external)

The Hackers News
22 hours 8 minutes ago
The U.S. Department of Justice (DoJ) said it has filed a civil forfeiture complaint in federal court that targets over $7.74 million in cryptocurrency, non-fungible tokens (NFTs), and other digital assets allegedly linked to a global IT worker scheme orchestrated by North Korea. "For years, North Korea has exploited global remote IT contracting and cryptocurrency ecosystems to evade U.S.
The Hacker News

CVE-2025-3594 | Liferay Portal/DXP Xuggler path traversal (EUVD-2025-18408)(link is external)

Vuldb Updates
22 hours 22 minutes ago
A vulnerability was found in Liferay Portal and DXP. It has been declared as very critical. Affected by this vulnerability is an unknown functionality of the component Xuggler. The manipulation of the argument _com_liferay_server_admin_web_portlet_ServerAdminPortlet_jarName leads to path traversal. This vulnerability is known as CVE-2025-3594. The attack can be launched remotely. There is no exploit available.
vuldb.com

CVE-2025-6127 | PHPGurukul Nipah Virus Testing Management System 1.0 /search-report.php serachdata cross site scripting (EUVD-2025-18405)(link is external)

Vuldb Updates
22 hours 22 minutes ago
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /search-report.php. The manipulation of the argument serachdata leads to cross site scripting. This vulnerability is handled as CVE-2025-6127. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6128 | TOTOLINK EX1200T 4.1.2cu.5232_B20210713 HTTP POST Request /boafrm/formWirelessTbl submit-url buffer overflow (EUVD-2025-18413)(link is external)

Vuldb Updates
22 hours 22 minutes ago
A vulnerability classified as critical has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This affects an unknown part of the file /boafrm/formWirelessTbl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. This vulnerability is uniquely identified as CVE-2025-6128. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2023-42795 | Apache Tomcat up to 8.5.93/9.0.80/10.1.13/11.0.0-M11 Recycling information disclosure (DLA 3617-1 / Nessus ID 210913)(link is external)

Vuldb Updates
22 hours 35 minutes ago
A vulnerability has been found in Apache Tomcat up to 8.5.93/9.0.80/10.1.13/11.0.0-M11 and classified as problematic. This vulnerability affects unknown code of the component Recycling Handler. The manipulation leads to information disclosure. This vulnerability was named CVE-2023-42795. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-47055 | Adobe Experience Manager up to 6.5.22 cross site scripting (apsb25-48 / Nessus ID 238053)(link is external)

Vuldb Updates
22 hours 35 minutes ago
A vulnerability, which was classified as problematic, has been found in Adobe Experience Manager up to 6.5.22. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2025-47055. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-47050 | Adobe Experience Manager up to 6.5.22 cross site scripting (apsb25-48 / Nessus ID 238053)(link is external)

Vuldb Updates
22 hours 35 minutes ago
A vulnerability was found in Adobe Experience Manager up to 6.5.22. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-47050. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad