Aggregator

A vulnerability has been found in Zoho ManageEngine Applications Manager up to 174000 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to incorrect authorization. This vulnerability is known as CVE-2024-41140. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in badhonrocks Divi Torque Lite Plugin up to 4.1.0 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-0353. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in sovica Target Video Easy Publish Plugin up to 3.8.3 on WordPress. This issue affects the function brid_override_yt of the component Shortcode Handler. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-13561. The attack may be initiated remotely. There is no exploit available.

Специалисты разгадали механику опасной и опытной группировки.

In this article, we shall explore different tools & techniques that help us enumera

Currently trending CVE - hypeScore: 3 - A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Photos in the Hidden Photos Album may be viewed without authentication.

Сервис помогал мошенникам обворовывать банки.

Akamai’s Security Intelligence and Response Team (SIRT) has uncovered a novel variant of the Mirai-based botnet malware, dubbed Aquabotv3, actively targeting Mitel SIP phones via a critical vulnerability. This marks the third observed iteration of Aquabot, which now showcases unique capabilities not previously seen in Mirai derivatives. The malware exploits CVE-2024-41710, a command injection vulnerability […]

The post New Aquabot Malware Actively Exploiting Mitel SIP phones injection vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability classified as problematic was found in Trellix HX Console 5.1.1. This vulnerability affects unknown code of the component Data Handler. The manipulation leads to xml entity expansion. This vulnerability was named CVE-2025-0617. The attack can be initiated remotely. There is no exploit available.

Researchers have uncovered new developments in SparkRAT operations, shedding light on its persistent use in malicious campaigns targeting macOS users and government organizations. The findings, detailed in a recent report, underscore the evolving tactics of threat actors leveraging SparkRAT’s modular framework and cross-platform capabilities across Windows, macOS, and Linux. SparkRAT’s Communication Originally released on GitHub […]

The post Hackers Attacking Windows, macOS, and Linux systems With SparkRAT appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Китайский ИИ с открытым кодом постепенно начал менять реальность.

 A recently disclosed Windows kernel-level vulnerability, identified as CVE-2024-49138, has raised significant security concerns in the cybersecurity community. Leveraging a buffer overflow vulnerability within the Windows Common Log File System (CLFS), researchers have released a proof-of-concept (PoC) exploit, showcasing the critical risks associated with the flaw. The vulnerability, which was identified and patched by Microsoft in December […]

The post Windows CLFS Buffer Overflow Vulnerability CVE-2024-49138 – PoC Released appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new ransomware gang, Hellcat, emerged on dark web forums in 2024, targeting critical infrastructure, government organizations, educational institutions, and the energy sector. Operating on a ransomware-as-a-service (RaaS) model, Hellcat offers ransomware tools and infrastructure to affiliates in exchange for a profit share. The group relies on double extortion techniques, combining data theft with system […]

The post Hellcat Ransomware Attacking Government Organizations & Educational Institutions appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cyber Insights 2025 examines expert opinions on the expected evolution of more than a dozen area

Table of LinksAbstract and 1 Introduction2 Background and Motivation2.1 Decentralized Computing I

Nederlandse F-35-gevechtsvliegtuigen hebben 4 keer Russische vliegtuigen boven de Oostzee onderschept. De toestellen naderden het NAVO-verdragsgebied. Een overzicht van Defensieoperaties in de week van 22 januari tot en met 28 januari 2025.

Vulnerability / Threat IntelligenceA team of security researchers from Georgia Institute of Techno

A team of security researchers from Georgia Institute of Technology and Ruhr University Bochum has demonstrated two new side-channel attacks targeting Apple silicon that could be exploited to leak sensitive information from web browsers like Safari and Google Chrome. The attacks have been codenamed Data Speculation Attacks via Load Address Prediction on Apple Silicon (SLAP) and Breaking the

The Australian Government has awarded a $6.4 million grant to CI-ISAC Australia, enabling the

A vulnerability classified as problematic has been found in axios up to 1.7.7. This affects an unknown part of the file lib/helpers/isURLSameOrigin.js. The manipulation leads to origin validation error. This vulnerability is uniquely identified as CVE-2024-57965. It is possible to initiate the attack remotely. There is no exploit available. The real existence of this vulnerability is still doubted at the moment. It is recommended to upgrade the affected component.