Aggregator

Submit #554696 / VDB-305651

逸·编译器

逸·编译器

A vulnerability classified as critical was found in SeaCMS up to 13.3. This vulnerability affects unknown code of the file /admin_topic.php?action=delall. The manipulation of the argument e_id leads to sql injection. This vulnerability was named CVE-2025-3797. The attack can be initiated remotely. Furthermore, there is an exploit available.

Submit #554695 / VDB-302030

A vulnerability classified as critical has been found in PHPGurukul Men Salon Management System 1.0. This affects an unknown part of the file /admin/contact-us.php. The manipulation of the argument pagetitle/pagedes/email/mobnumber/timing leads to sql injection. This vulnerability is uniquely identified as CVE-2025-3796. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #554660 / VDB-305650

A vulnerability was found in DaiCuo 1.3.13. It has been rated as problematic. Affected by this issue is some unknown functionality of the component SEO Optimization Settings Section. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-3795. The attack may be launched remotely. Furthermore, there is an exploit available.

Submit #554659 / VDB-305649

Submit #554639 / VDB-305648

Around the world, governments are setting higher-bar regulations with clear corporate accountability for breaches on the belief organizations won't drive up security maturity for operational technology unless they're made to.

The rapid evolution of generative AI has fundamentally transformed the landscape of cybersecurity, especially in the context of red teaming. Traditionally, red teams have focused on simulating adversarial attacks to uncover vulnerabilities in networks, software, and infrastructure. However, the unpredictable and dynamic nature of generative AI models has introduced new challenges and opportunities for red […]

The post How Generative AI is Changing Red Team Tactics appeared first on Cyber Security News.

Submit #554611 / VDB-285918

Did you know that when participating in a Zoom call, you can grant permission to other participants to control your computer remotely? While this feature may come in handy when dealing with trusted family, friends and colleagues, threat actors have started abusing it to install malware on targets’ computer. The Zoom remote control attack This specific tactic has been leveraged by an individual or group that The Security Alliance (SEAL) – a nonprofit dedicated to … More →

The post The Zoom attack you didn’t see coming appeared first on Help Net Security.

Digital transformation is no longer a buzzword it is a strategic imperative for organizations seeking to stay competitive in an ever-evolving landscape. As businesses embrace cloud computing, artificial intelligence, IoT, and remote work, the attack surface expands exponentially. This evolution brings unprecedented opportunities for innovation, efficiency, and customer engagement, but it also introduces complex security […]

The post Securing the Digital Transformation Journey – What CISOs Must Consider appeared first on Cyber Security News.

Chinese-speaking IronHusky hackers are targeting Russian and Mongolian government organizations using upgraded MysterySnail remote access trojan (RAT) malware. [...]

Hackers don't break in—they log in. Credential-based attacks now fuel nearly half of all breaches. Learn how to scan your Active Directory for compromised passwords and stop attackers before they strike. [...]