Aggregator

Attackers exploit Fortinet flaws to deploy Qilin ransomware(link is external)

Security Affairs
2 months 3 weeks ago
Qilin ransomware now exploits Fortinet vulnerabilities to achieve remote code execution on impacted devices. Threat intelligence firm PRODAFT warned that Qilin ransomware (aka Phantom Mantis) group targeted multiple organizations between May and June 2025 by exploiting multiple FortiGate vulnerabilities, including CVE-2024-21762, and CVE-2024-55591. “Phantom Mantis recently launched a coordinated intrusion campaign targeting multiple organizations between […]
Pierluigi Paganini

ISMG Editors: Infosecurity Europe Conference 2025 Wrap-Up(link is external)

Ransomware DataBreachToday.com
2 months 3 weeks ago
Also: AI's Promise and Pitfalls and Why Community, Communication, and Basics Matter
Live from Infosecurity Europe 2025 in London, ISMG editors and guest CISO Ian Thornton-Trump wrap up a week of standout insights - from AI-driven security and operational resilience to supply chain risk and mental health in cyber. A celebration of community, innovation and cybersecurity basics.

DA: Sleep Center Worker Installed Secret Camera in Bathrooms(link is external)

Ransomware DataBreachToday.com
2 months 3 weeks ago
Ex-Employee Faces Criminal Charges; Hospital Reports Incident as Big HIPAA Breach
A former worker of a New York hospital's sleep disorders center has been indicted on criminal charges alleging he hid cameras in the facility's bathrooms to record videos of staff and patients. The hospital reported the incident to federal regulators as a HIPAA breach affecting thousands.

Ensuring Certainty in NHIs Lifecycle Management(link is external)

Security Boulevard
2 months 3 weeks ago

What Role does Certainty Play in the Management of NHIs Lifecycle? Where data breaches and cyber-threats pose significant risks, any security professional worth their salt knows the importance of having robust and efficient management practices. NHIs lifecycle management serves as one of the cornerstones of modern cybersecurity efforts. It helps curtail these risks by providing […]

The post Ensuring Certainty in NHIs Lifecycle Management appeared first on Entro.

The post Ensuring Certainty in NHIs Lifecycle Management appeared first on Security Boulevard.

Alison Mack

Are Your Cloud NHIs Truly Protected?(link is external)

Security Boulevard
2 months 3 weeks ago

Are You Doing Enough to Secure Your Cloud NHIs? Is your organization’s cloud security robust enough to protect your non-human identities (NHIs)? This is a question that has been increasingly haunting CISOs, cybersecurity professionals, and businesses thriving in the cloud. With cloud computing continues to revolutionize industries like finance, travel, healthcare, and DevOps, the need […]

The post Are Your Cloud NHIs Truly Protected? appeared first on Entro.

The post Are Your Cloud NHIs Truly Protected? appeared first on Security Boulevard.

Alison Mack

Unleashing Powerful Cloud-Native Security Techniques(link is external)

Security Boulevard
2 months 3 weeks ago

Is Managing Non-Human Identities the Key to Achieving Robust Cloud-Native Security? Where humans and machines square off, intent on breaching each other’s defenses. However, an important facet often goes unnoticed – Non-Human Identities (NHIs). NHIs are machine identities, especially in the context of cloud-native security. Understanding the Strategic Importance of NHI NHIs are crafted by […]

The post Unleashing Powerful Cloud-Native Security Techniques appeared first on Entro.

The post Unleashing Powerful Cloud-Native Security Techniques appeared first on Security Boulevard.

Alison Mack

Why Securing NHIs Reduces Your Cyber Risk(link is external)

Security Boulevard
2 months 3 weeks ago

Why is NHI Security Critical in Risk Management? Have you ever considered the potential security risk lurking? The reality is that the growing complexity of IT infrastructures, particularly in the cloud, presents new challenges for risk management and cyber protection. Among the most notable security risks lies in the management of Non-Human Identities (NHIs). Overseeing […]

The post Why Securing NHIs Reduces Your Cyber Risk appeared first on Entro.

The post Why Securing NHIs Reduces Your Cyber Risk appeared first on Security Boulevard.

Alison Mack

CVE-2025-5612 | PHPGurukul Online Fire Reporting System 1.2 /reporting.php fullname sql injection (EUVD-2025-16921)(link is external)

Vuldb Updates
2 months 3 weeks ago
A vulnerability has been found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This vulnerability affects unknown code of the file /reporting.php. The manipulation of the argument fullname leads to sql injection. This vulnerability was named CVE-2025-5612. The attack can be initiated remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.
vuldb.com

CVE-2025-5613 | PHPGurukul Online Fire Reporting System 1.2 /request-details.php requestid sql injection (EUVD-2025-16929)(link is external)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This issue affects some unknown processing of the file /request-details.php. The manipulation of the argument requestid leads to sql injection. The identification of this vulnerability is CVE-2025-5613. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-5616 | PHPGurukul Online Fire Reporting System 1.2 /admin/profile.php mobilenumber sql injection (EUVD-2025-16938)(link is external)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/profile.php. The manipulation of the argument mobilenumber leads to sql injection. This vulnerability is handled as CVE-2025-5616. The attack may be launched remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.
vuldb.com

CVE-2025-5618 | PHPGurukul Online Fire Reporting System 1.2 /admin/edit-team.php teamid sql injection (EUVD-2025-16935)(link is external)

Vuldb Updates
2 months 3 weeks ago
A vulnerability classified as critical was found in PHPGurukul Online Fire Reporting System 1.2. This vulnerability affects unknown code of the file /admin/edit-team.php. The manipulation of the argument teamid leads to sql injection. This vulnerability was named CVE-2025-5618. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-5619 | Tenda CH22 1.0.0.1 /goform/addUserName formaddUserName Password stack-based overflow (EUVD-2025-16934)(link is external)

Vuldb Updates
2 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. This issue affects the function formaddUserName of the file /goform/addUserName. The manipulation of the argument Password leads to stack-based buffer overflow. The identification of this vulnerability is CVE-2025-5619. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-5617 | PHPGurukul Online Fire Reporting System 1.2 /admin/manage-teams.php teamid sql injection (EUVD-2025-16937)(link is external)

Vuldb Updates
2 months 3 weeks ago
A vulnerability classified as critical has been found in PHPGurukul Online Fire Reporting System 1.2. This affects an unknown part of the file /admin/manage-teams.php. The manipulation of the argument teamid leads to sql injection. This vulnerability is uniquely identified as CVE-2025-5617. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

Managed ad