Aggregator

A vulnerability, which was classified as problematic, was found in Node.js up to 20.19.3/22.17.0/24.4.0. Impacted is an unknown function of the component Windows Device Name Handler. Executing manipulation can lead to path traversal. This vulnerability appears as CVE-2025-27210. The attack may be performed from remote. In addition, an exploit is available. You should upgrade the affected component.

In recent months, cybersecurity researchers have observed a surge in malicious domain registrations linked to an emerging e-crime group known as PoisonSeed. First identified in April 2025, this actor has focused its efforts on impersonating legitimate cloud-based email platforms, most notably SendGrid, to harvest enterprise credentials. By embedding fake Cloudflare CAPTCHA interstitials and Ray ID […]

The post PoisonSeed Threat Actor Registering New Domains in Attempt to Compromise Enterprise Credentials appeared first on Cyber Security News.

ИИ, который думает, а не топит дата-центры.

How to erase the personal data from your phone, tablets, and other devices (and why it's important when you're buying and selling them).

In early May 2025, Unit 42 researchers observed multiple instances of AdaptixC2 being deployed to infect enterprise systems. Unlike many high-profile command-and-control (C2) platforms, AdaptixC2 has flown under the radar, with scant public documentation demonstrating its use in live adversary operations. Our research dissects AdaptixC2’s capabilities, deployment techniques, and evasion mechanisms to equip security teams […]

The post Threat Actors Leveraging Open-Source AdaptixC2 in Real-world Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability, which was classified as critical, has been found in Comfast CF-N1 2.6.0. This impacts the function multi_pppoe of the file /usr/bin/webmgnt. Performing manipulation of the argument phy_interface results in command injection. This vulnerability was named CVE-2025-9581. The attack may be initiated remotely. In addition, an exploit is available.

In Q2 2025, Qilin became the most active ransomware targeting U.S. SLTT government entities. Read the CIS CTI team's analysis to learn more.

In Q2 2025, Qilin became the most active ransomware targeting U.S. SLTT government entities. Read the CIS CTI team's analysis to learn more.

A vulnerability, which was classified as critical, was found in Comfast CF-N1 2.6.0. Affected is the function ntp_timezone of the file /usr/bin/webmgnt. Executing manipulation of the argument timestr can lead to command injection. The identification of this vulnerability is CVE-2025-9582. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in FoxCMS up to 1.24. Affected by this issue is the function batchCope of the file /app/admin/controller/Images.php. The manipulation of the argument ids results in sql injection. This vulnerability is known as CVE-2025-10251. It is possible to launch the attack remotely. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability marked as problematic has been reported in Linux Kernel up to 6.7.11/6.8.2. This impacts the function smb_strndup_from_utf16 of the component ksmbd. Performing manipulation results in out-of-bounds read. This vulnerability was named CVE-2024-26954. The attack needs to be approached within the local network. There is no available exploit. It is suggested to upgrade the affected component.

这篇文章主要是给没有学习过js逆向的师傅学习的，分享一些js逆向基础知识，js实战断点调试技巧以及后面分享js逆向靶场搭建以及js逆向前端加密对抗，拿微信小程序常用的AES、RSA和明文Sign 签名校验绕过几个方面给师傅们分享下操作技巧。最后分享下企业SRC实战案例。

从 mall 0day IDOR 挖掘看 Spring 权限管理

Hackers leveraged insecure Microsoft encryption technology known as RC4 to gain access to the network of the hospital chain Ascension, Sen. Ron Wyden said in a letter asking the Federal Trade Commission to investigate.

RC4 пережил эпоху модемов, но именно он стал дверью для вымогателей в крупнейшую медсеть США.

A vulnerability, which was classified as critical, has been found in Xinhu RockOA up to 2.6.9. Impacted is the function publicsaveAjax of the file /index.php. Performing manipulation results in improper authorization. This vulnerability is reported as CVE-2025-9602. The attack is possible to be carried out remotely. Moreover, an exploit is present.