Aggregator

Chinese threat actors exploited Trimble Cityworks flaw to breach U.S. local government networks

Security Affairs
3 months 1 week ago
A Chinese threat actor, tracked as UAT-6382, exploited a patched Trimble Cityworks flaw to deploy Cobalt Strike and VShell. Cisco Talos researchers attribute the exploitation of the CVE-2025-0994 in Trimble Cityworks to Chinese-speaking threat actor UAT-6382, based on tools and TTPs used in the intrusions. The vulnerability CVE-2025-0994 (CVSS v4 score of 8.6) is a […]
Pierluigi Paganini

使用 LLM 和嵌入模型进行技术识别与威胁行为者归因

Seebug Paper
3 months 1 week ago
作者:Kyla Guru, Robert J. Moss, Mykel J. Kochenderfer 译者:知道创宇404实验室翻译组 原文链接:https://arxiv.org/pdf/2505.11547v1 摘要 网络攻击的归因对于防御者来说是一个复杂但至关重要的挑战。目前,从密集的取证文档中手动提取行为指标会导致显著的归因延迟,尤其是在国际规模的重大事件之后。本研究评估了大型语言...

CVE-2025-5105 | TOZED ZLT W51 up to 1.4.2 Service Port 7777 heap inspection

VulDB Recent Entries
3 months 1 week ago
A vulnerability was found in TOZED ZLT W51 up to 1.4.2 and classified as critical. Affected by this issue is some unknown functionality of the component Service Port 7777. The manipulation leads to improper clearing of heap memory before release. This vulnerability is handled as CVE-2025-5105. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CISA Alerts on Threat Actors Targeting Commvault Azure App to Steal Secrets

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
3 months 1 week ago

On May 22, 2025, Commvault, a leading enterprise data backup provider, issued an urgent advisory regarding active cyber threat activity targeting its Metallic software-as-a-service (SaaS) application, which is hosted in the Microsoft Azure cloud environment. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed that threat actors exploited a zero-day vulnerability (CVE-2025-3928) in Commvault’s web […]

The post CISA Alerts on Threat Actors Targeting Commvault Azure App to Steal Secrets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Anupriya

CVE-2025-48708 | Artifex Ghostscript up to 10.05.0 base/gslibctx.c gs_lib_ctx_stash_sanitized_arg improper removal of sensitive information before storage or transfer

VulDB Recent Entries
3 months 1 week ago
A vulnerability, which was classified as problematic, was found in Artifex Ghostscript up to 10.05.0. Affected is the function gs_lib_ctx_stash_sanitized_arg of the file base/gslibctx.c. The manipulation leads to improper removal of sensitive information before storage or transfer. This vulnerability is traded as CVE-2025-48708. The attack needs to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2025-5098 | Mobile Dynamix PrinterShare Mobile Print App 12.15.01 on Android Gmail Authentication Token information disclosure

VulDB Recent Entries
3 months 1 week ago
A vulnerability, which was classified as problematic, has been found in Mobile Dynamix PrinterShare Mobile Print App 12.15.01 on Android. This issue affects some unknown processing of the component Gmail Authentication Token Handler. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2025-5098. The attack needs to be approached within the local network. There is no exploit available.
vuldb.com

CVE-2025-5100 | Mobile Dynamix PrinterShare Mobile Print 12.15.01 Image File double free

VulDB Recent Entries
3 months 1 week ago
A vulnerability classified as critical was found in Mobile Dynamix PrinterShare Mobile Print 12.15.01. This vulnerability affects unknown code of the component Image File Handler. The manipulation leads to double free. This vulnerability was named CVE-2025-5100. Access to the local network is required for this attack to succeed. There is no exploit available.
vuldb.com

CVE-2025-5099 | Mobile Dynamix PrinterShare Mobile Print 12.15.01 PDF Rendering out-of-bounds write

VulDB Recent Entries
3 months 1 week ago
A vulnerability classified as critical has been found in Mobile Dynamix PrinterShare Mobile Print 12.15.01. This affects an unknown part of the component PDF Rendering. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2025-5099. Access to the local network is required for this attack. There is no exploit available.
vuldb.com

CVE-2025-4338 | Lantronix Device Installer up to 4.4.0.7 xml external entity reference (icsa-25-142-01)

VulDB Recent Entries
3 months 1 week ago
A vulnerability was found in Lantronix Device Installer up to 4.4.0.7. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to xml external entity reference. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is handled as CVE-2025-4338. The attack needs to be initiated within the local network. There is no exploit available.
vuldb.com

CVE-2025-48695 | CyberDAVA up to 1.1.19 API ROLE privileges assignment

VulDB Recent Entries
3 months 1 week ago
A vulnerability was found in CyberDAVA up to 1.1.19. It has been classified as critical. Affected is an unknown function of the file /api/v2/users/user//role/ROLE/ of the component API. The manipulation leads to incorrect privilege assignment. This vulnerability is traded as CVE-2025-48695. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad