Aggregator

今日火绒收到反馈，浙江地区多家医院外网电脑遭受远控木马攻击，多人遭受不同程度的财产损失。该事件引起火绒团队高度重视，立即组织专项小组展开调查。经了解，该木马病毒通过钉钉、浙政钉、微信等即时聊天工具，以具有欺骗性文件名的钓鱼文件形式进行传播。

A major cybersecurity incident has struck the New South Wales court system, as cybercrime detectives investigate a significant data breach affecting the Department of Communities and Justice (DCJ). The breach targeted the NSW Online Registry Website (ORW), a critical platform that houses sensitive information related to both civil and criminal cases across the state. The […]

The post Massive Data Breach Hits NSW Online Registry: 9,000+ Files Stolen appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability classified as problematic was found in Husky Plugin up to 1.3.5.3 on WordPress. This vulnerability affects unknown code of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-5039. The attack can be initiated remotely. There is no exploit available.

A vulnerability has been found in Gianism Plugin up to 5.1.0 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Setting Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-3921. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Playlist for Youtube Plugin up to 1.32 on WordPress and classified as problematic. Affected by this issue is some unknown functionality of the component Setting Handler. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-3937. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as critical was found in Smarty. Affected by this vulnerability is an unknown functionality. The manipulation leads to code injection. This vulnerability is known as CVE-2024-35226. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Zoho ManageEngine PAM360 6610. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-27313. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in University of Applied Sciences and Arts Hildesheim HAWKI. Affected by this issue is some unknown functionality of the file login.php of the component LDAP Authentication Handler. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. This vulnerability is handled as CVE-2024-25976. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in SamurAIGPT EmbedAI up to b2ad64a85aaec6c301ead16ce5865edaf13be608. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2024-5185. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Essential Addons for Elementor Pro Plugin up to 5.8.14 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-5086. The attack can be initiated remotely. There is no exploit available.

Dozens of vulnerabilities in products from three leading makers of solar inverters, Sungrow, Growatt, and SMA, could be exploited to control devices or execute code remotely on the vendor's cloud platform. [...]

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

• CVE-2025-2783 Google Chromium Mojo Sandbox Escape Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

CISA released one Industrial Control Systems (ICS) advisory on March 27, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-25-037-01 Schneider Electric EcoStruxure Power Monitoring Expert (PME) (Update A)

CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

A vulnerability was found in JetBrains TeamCity. It has been rated as problematic. This issue affects some unknown processing of the component Commit Status Publisher. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-36371. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in JetBrains TeamCity. It has been declared as problematic. This vulnerability affects unknown code of the component Report Group Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-36366. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in JetBrains TeamCity. Affected is an unknown function of the component Code Inspection Report Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-36363. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in JetBrains TeamCity. Affected by this vulnerability is an unknown functionality of the component Third-Party Report Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-36367. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in JetBrains TeamCity. Affected by this issue is some unknown functionality of the component OAuth Provider Configuration Handler. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-36368. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in JetBrains TeamCity. This affects an unknown part of the component Issue Tracker Integration. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-36369. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.