Dire Wolf
You must login to view this content
Aggregator
Dire Wolf
3 months 1 week ago
You must login to view this content
cohenido
Word to the wise: Beware of fake Docusign emails
3 months 1 week ago
Cybercriminals impersonate the trusted e-signature brand and send fake Docusign notifications to trick people into giving away their personal or corporate data
Onbekende Russische groep achter hacks Nederlandse doelen
3 months 1 week ago
Een tot nu toe onbekende Russische cybergroep zit achter de hacks op verschillende Nederlandse organisaties, waaronder de politie in september 2024. Bij de politie werden werkgerelateerde contactgegevens buitgemaakt. De diensten hebben niet kunnen vaststellen dat er ook andere gegevens zijn gestolen.
Akira
3 months 1 week ago
You must login to view this content
cohenido
Куки-баннеры больше не будут водить людей за нос — суд приказал играть по-честному
3 months 1 week ago
Кнопки «Принять всё» и «Отклонить всё» теперь на равных.
Safepay
3 months 1 week ago
You must login to view this content
cohenido
Интернет с орбиты за 107 миллиардов: сигнал придёт даже туда, где нет дорог
3 months 1 week ago
«Нет сигнала»: у России два года, чтобы это изменить.
2025北京网络安全大会 (BCS) 亮点抢先看
3 months 1 week ago
大会将于6月5日开幕
医疗厂商泄露近240万客户健康信息,赔偿超1.1亿元
3 months 1 week ago
泄露了近240万客户身份、保险、医疗及治疗等信息
Криптобиржи — это казино. Только без алкоголя и с комиссией за каждый вдох
3 months 1 week ago
Пока ты веришь в независимость, тебя доят алгоритмы, написанные под чужую яхту.
New Android Malware GhostSpy Grants Attackers Full Control Over Infected Devices
3 months 1 week ago
A chilling new Android malware, dubbed GhostSpy, has emerged as a significant threat to mobile security, according to a detailed report by CYFIRMA. This high-risk malware employs advanced evasion, persistence, and surveillance techniques to seize complete control over infected devices. With capabilities ranging from keylogging to bypassing banking app protections, GhostSpy poses a severe risk […]
The post New Android Malware GhostSpy Grants Attackers Full Control Over Infected Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
“Гугл, найди мне смысл жизни!” — “Вот, держите скидку на онлайн-курсы и новый фитнес-трекер”
3 months 1 week ago
Теперь даже поисковая строка пытается вытянуть из вас деньги.
Adidas warns of data breach after customer service provider hack
3 months 1 week ago
German sportswear giant Adidas disclosed a data breach after attackers hacked a customer service provider and stole some customers' data. [...]
Sergiu Gatlan
CVE-2025-5226 | PHPGurukul Small CRM 3.0 change-password.php oldpass sql injection
3 months 1 week ago
A vulnerability has been found in PHPGurukul Small CRM 3.0 and classified as critical. This vulnerability affects unknown code of the file /admin/change-password.php. The manipulation of the argument oldpass leads to sql injection.
This vulnerability was named CVE-2025-5226. The attack can be initiated remotely. Furthermore, there is an exploit available.
Other parameters might be affected as well.
vuldb.com
CVE-2025-5227 | PHPGurukul Small CRM 3.0 manage-tickets.php aremark sql injection
3 months 1 week ago
A vulnerability was found in PHPGurukul Small CRM 3.0 and classified as critical. This issue affects some unknown processing of the file /admin/manage-tickets.php. The manipulation of the argument aremark leads to sql injection.
The identification of this vulnerability is CVE-2025-5227. The attack may be initiated remotely. Furthermore, there is an exploit available.
Other parameters might be affected as well.
vuldb.com
CVE-2025-5228 | D-Link DI-8100 up to 20250523 jhttpd /login.cgi httpd_get_parm notify stack-based overflow
3 months 1 week ago
A vulnerability was found in D-Link DI-8100 up to 20250523. It has been classified as critical. Affected is the function httpd_get_parm of the file /login.cgi of the component jhttpd. The manipulation of the argument notify leads to stack-based buffer overflow.
This vulnerability is traded as CVE-2025-5228. The attack can only be initiated within the local network. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-48054 | radashi up to 12.5.0 set path prototype pollution (GHSA-2xv9-ghh9-xc69)
3 months 1 week ago
A vulnerability was found in radashi up to 12.5.0. It has been classified as critical. This affects the function Set. The manipulation of the argument path leads to improperly controlled modification of object prototype attributes ('prototype pollution').
This vulnerability is uniquely identified as CVE-2025-48054. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-48382 | codelibs fess up to 14.19.1 org.codelibs.fess.helper.SystemHelper createTempFile permission assignment (GHSA-g88v-2j67-9rmx)
3 months 1 week ago
A vulnerability was found in codelibs fess up to 14.19.1. It has been declared as problematic. This vulnerability affects the function createTempFile of the component org.codelibs.fess.helper.SystemHelper. The manipulation leads to incorrect permission assignment.
This vulnerability was named CVE-2025-48382. An attack has to be approached locally. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-48742 | SIGB PMB prior 8.0.1.2 Installer missing authentication
3 months 1 week ago
A vulnerability was found in SIGB PMB. It has been rated as critical. This issue affects some unknown processing of the component Installer. The manipulation leads to missing authentication.
The identification of this vulnerability is CVE-2025-48742. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com