Aggregator

A vulnerability classified as problematic has been found in Linux Kernel up to 6.12.5. Affected is an unknown function. The manipulation leads to insufficient verification of data authenticity. This vulnerability is traded as CVE-2024-56656. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

In a recent security advisory, a moderate-severity vulnerability has been identified in Apache Cassandra, potentially allowing unauthorized users to access restricted data centers or IP/CIDR groups. This flaw, designated CVE-2025-24860, affects multiple versions of the database management system, specifically those that utilize the CassandraNetworkAuthorizer and CassandraCIDRAuthorizer for managing network access permissions. Technical Details The vulnerability […]

The post Apache Cassandra Vulnerability Allows Attackers to Gain Access Data Centers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recently disclosed security vulnerability in the Voyager PHP package, a popular tool for managing Laravel applications, has raised significant concerns regarding the potential for remote code execution (RCE) on affected servers. This vulnerability, identified through ongoing security scans using SonarQube Cloud, could allow an authenticated user to inadvertently execute arbitrary code by clicking on […]

The post 1- Click RCE Vulnerability in Voyager PHP Allow Attackers Execute Arbitrary Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A 59-year-old man from Irvine, California, was sentenced to 87 months in prison for his involvement in an investor fraud ring that stole $50 million between 2012 and October 2020. [...]

On February 3, 2025, Google published its February Android Security Bulletin, which addresses a total of 47 vulnerabilities affecting Android devices. Among these, a critical flaw in the Linux kernel’s USB Video Class (UVC) driver, tracked as CVE-2024-53104, has been identified as a significant security risk. This vulnerability allows attackers to execute remote code (RCE), […]

The post Android Security Update Fixes Linux Kernel RCE Flaw Allow Read/Write Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Vliegers optimaal trainen in een realistisch scenario met een gelijkwaardige tegenstander. Dat kan met nieuwe middelen die Defensie aanschaft. Daarmee is onder meer een vijandelijk luchtruim na te bootsen. Defensie zet hiermee ook een flinke stap naar een meer digitale krijgsmacht. Staatssecretaris Gijs Tuinman meldde dat gisteren aan de Kamer.

As the gateways to corporate networks, VPNs are an attractive target for attackers. Learn from Specops Software about how hackers use compromised VPN passwords and how you can protect your organization. [...]

Purchase Enhances Exposure Validation and Breach Simulation
AttackIQ has acquired Deep Surface to bolster its adversary exposure validation capabilities. The deal integrates vulnerability prioritization, identity discovery, and attack path analysis into AttackIQ’s breach and attack simulation platform, improving cybersecurity posture for enterprises.

Organizations and development teams need to evolve from "being prepared" to "managing the risk" of security breaches.

As cyber threats grow more sophisticated, ANY.RUN has unveiled a series of updates aimed at improving malware detection, analysis, and overall performance of its platform. These updates, implemented in January 2025, focus on optimizing the platform’s core functionality, enhancing detection capabilities, and addressing the evolving needs of cybersecurity professionals. System Optimizations Strengthen Performance ANY.RUN has […]

The post ANY.RUN Enhances Malware Detection and Performance to Combat 2025 Cyber Threats appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability has been found in brandtoss WP Mailster Plugin up to 1.8.17.0 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-24598. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Landoweb Programador World Cup Predictor Plugin up to 1.9.6 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-22794. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as critical was found in Ksher Plugin up to 1.1.2 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to missing authorization. This vulnerability is known as CVE-2025-22730. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Tribulant Newsletters Plugin up to 4.9.9.6 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-24599. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as critical has been found in Traveler Code Plugin up to 3.1.0 on WordPress. Affected is an unknown function. The manipulation leads to sql injection. This vulnerability is traded as CVE-2025-22700. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in EmbedPress Document Block Plugin up to 1.1.0 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to missing authorization. This vulnerability was named CVE-2025-22696. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Traveler Code Plugin up to 3.1.0 on WordPress. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. The identification of this vulnerability is CVE-2025-22699. The attack may be initiated remotely. There is no exploit available.