Aggregator

$7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK

Security Affairs
3 months ago
“Bitcoin Queen” Zhimin Qian gets 11 years in London for laundering $7.3B from a crypto scam that defrauded 128K victims in China. A British court sentenced a Chinese woman, Zhimin Qian (47), also known as the “Bitcoin Queen,” to 11 years and eight months in jail for laundering $7.3B from a crypto scam that defrauded 128K […]
Pierluigi Paganini

CVE-2025-59253

CVE Trends
3 months ago
Currently trending CVE - Hype Score: 11 - Improper access control in Microsoft Windows Search Component allows an authorized attacker to deny service locally.

CVE-2025-41253

CVE Trends
3 months ago
Currently trending CVE - Hype Score: 13 - The following versions of Spring Cloud Gateway Server Webflux may be vulnerable to the ability to expose environment variables and system properties to attackers. An application should be considered vulnerable when all the following are true: * The application is using ...

CVE-2025-49844

CVE Trends
3 months ago
Currently trending CVE - Hype Score: 5 - Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. The problem ...

SecureVibes – AI Tool Scans for Vulnerabilities in 11 Languages with Claude AI Agents

Cyber Security News
3 months ago

In the fast-paced world of “vibecoding,” where developers use AI to build applications rapidly, a new open-source tool is stepping up to tackle security risks. SecureVibes, created by developer Anshuman Bhartiya, leverages Anthropic’s Claude AI through a multi-agent system to detect vulnerabilities in codebases automatically. Released in October 2025, this Python-based scanner aims to make […]

The post SecureVibes – AI Tool Scans for Vulnerabilities in 11 Languages with Claude AI Agents appeared first on Cyber Security News.

Guru Baran

CVE-2025-12840 | AcademySoftwareFoundation OpenEXR EXR File Parser heap-based overflow

VulDB Recent Entries
3 months ago
A vulnerability marked as critical has been reported in AcademySoftwareFoundation OpenEXR. This issue affects some unknown processing of the component EXR File Parser. The manipulation leads to heap-based buffer overflow. This vulnerability is referenced as CVE-2025-12840. Remote exploitation of the attack is possible. No exploit is available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2025-12839 | AcademySoftwareFoundation OpenEXR EXR File Parser heap-based overflow

VulDB Recent Entries
3 months ago
A vulnerability labeled as critical has been found in AcademySoftwareFoundation OpenEXR. This vulnerability affects unknown code of the component EXR File Parser. Executing manipulation can lead to heap-based buffer overflow. The identification of this vulnerability is CVE-2025-12839. The attack may be launched remotely. There is no exploit available. The affected component should be upgraded.
vuldb.com

CVE-2025-12495 | AcademySoftwareFoundation OpenEXR EXR File Parser heap-based overflow

VulDB Recent Entries
3 months ago
A vulnerability categorized as critical has been discovered in AcademySoftwareFoundation OpenEXR. Affected by this issue is some unknown functionality of the component EXR File Parser. Such manipulation leads to heap-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-12495. The attack can be launched remotely. No exploit exists. It is advisable to upgrade the affected component.
vuldb.com

Tor Browser 15.0.1 Update Patches Several High-Risk Security Flaws

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
3 months ago

The Tor Project has released a fresh update for its privacy-focused web browser. Tor Browser 15.0.1 is now available and addresses several high-risk security issues that could have compromised users’ privacy. This update is recommended for all users who want to stay secure on the internet and keep their information private. You can download Tor […]

The post Tor Browser 15.0.1 Update Patches Several High-Risk Security Flaws appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

CVE-2025-11994 | Easy Email Subscription Plugin up to 1.3 on WordPress Name cross site scripting (EUVD-2025-124904)

VulDB Recent Entries
3 months ago
A vulnerability was found in Easy Email Subscription Plugin up to 1.3 on WordPress. It has been rated as problematic. Affected by this vulnerability is an unknown functionality. This manipulation of the argument Name causes cross site scripting. This vulnerability is handled as CVE-2025-11994. The attack can be initiated remotely. There is not any exploit available.
vuldb.com

CVE-2025-11454 | Specific Content for Mobile Plugin up to 0.5.5 on WordPress eos_scfm_duplicate_post_as_draft sql injection (EUVD-2025-124905)

VulDB Recent Entries
3 months ago
A vulnerability was found in Specific Content for Mobile Plugin up to 0.5.5 on WordPress. It has been classified as critical. This impacts the function eos_scfm_duplicate_post_as_draft. The manipulation leads to sql injection. This vulnerability is traded as CVE-2025-11454. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2025-12113 | Alt Text Generator AI Plugin up to 1.8.3 on WordPress atgai_delete_api_key authorization

VulDB Recent Entries
3 months ago
A vulnerability has been found in Alt Text Generator AI Plugin up to 1.8.3 on WordPress and classified as critical. The impacted element is the function atgai_delete_api_key. Performing manipulation results in missing authorization. This vulnerability is reported as CVE-2025-12113. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com

Managed ad