Aggregator

CVE-2026-0612 | TheLibrarian up to 1.0 web_fetch exposure of sensitive system information to an unauthorized control sphere

2 months 2 weeks ago

A vulnerability categorized as problematic has been discovered in TheLibrarian up to 1.0. Impacted is an unknown function of the component web_fetch. Executing a manipulation can lead to exposure of sensitive system information to an unauthorized control sphere. This vulnerability is handled as CVE-2026-0612. The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.

vuldb.com

CVE-2025-14435 | Mattermost up to 10.11.8/11.0.6/11.1.1 allocation of resources

VulDB Recent Entries

2 months 2 weeks ago

A vulnerability was found in Mattermost up to 10.11.8/11.0.6/11.1.1. It has been rated as critical. This issue affects some unknown processing. Performing a manipulation results in allocation of resources. This vulnerability is known as CVE-2025-14435. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is advised.

vuldb.com

Cisco fixes AsyncOS vulnerability exploited in zero-day attacks (CVE-2025-20393)

Help Net Security

2 months 2 weeks ago

Cisco has finally shipped security updates for its Email Security Gateway and Secure Email and Web Manager devices, which fix CVE-2025-20393, a vulnerability in the devices’ AsyncOS that has been exploited as a zero-day by suspected Chinese attackers since at least late November 2025. The company revealed the flaw’s existence and in-the-wild exploitation on December 17, 2025, and urged customers to check whether their appliances had been breached and to rebuild them in case of … More →

The post Cisco fixes AsyncOS vulnerability exploited in zero-day attacks (CVE-2025-20393) appeared first on Help Net Security.

Zeljka Zorz

CVE-2025-15104 | Validator.nu Nu Html Checker 127.0.0.1 server-side request forgery

VulDB Recent Entries

2 months 2 weeks ago

A vulnerability was found in Validator.nu Nu Html Checker 127.0.0.1. It has been declared as critical. This vulnerability affects unknown code. Such manipulation leads to server-side request forgery. This vulnerability is traded as CVE-2025-15104. The attack may be launched remotely. There is no exploit available.

vuldb.com

CVE-2025-14894 | Bee Interactive Livewire Filemanager 0.x LivewireFilemanagerComponent.php unrestricted upload

VulDB Recent Entries

2 months 2 weeks ago

A vulnerability was found in Bee Interactive Livewire Filemanager 0.x. It has been classified as critical. This affects an unknown part of the file LivewireFilemanagerComponent.php. This manipulation causes unrestricted upload. This vulnerability appears as CVE-2025-14894. The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is recommended.

vuldb.com

Никакой Windows, никаких лицензий. Вышел Wine 11.0 — главный способ запускать нужный софт на Linux и Mac

Securitylab.ru

2 months 2 weeks ago

В новой версии запуск старых приложений стал проще, быстрее и компактнее.

Why Traditional Firewalls Fail Against Today’s High-Volume DDoS Attacks

Security Boulevard

2 months 2 weeks ago

Traditional firewalls can’t stop modern DDoS attacks. Learn why high-volume, multi-layer attacks overwhelm perimeter defenses—and how to build real DDoS resilience.

The post Why Traditional Firewalls Fail Against Today’s High-Volume DDoS Attacks appeared first on Security Boulevard.

Tim Ferguson

Canadian investment regulator confirms hackers hit 750,000 investors

The Record

2 months 2 weeks ago

The nongovernmental Canadian Investment Regulatory Organization, which oversees the country's debt and equity marketplaces as well as some financial institutions, released details about an August 2025 data breach.

CVE-2025-12420

CVE Trends

2 months 2 weeks ago

Currently trending CVE - Hype Score: 1 - A vulnerability has been identified in the ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform. ServiceNow has addressed this vulnerability by deploying a ...

Five Malicious Chrome Extensions Impersonate Workday and NetSuite to Hijack Accounts

The Hackers News

2 months 2 weeks ago

Cybersecurity researchers have discovered five new malicious Google Chrome web browser extensions that masquerade as human resources (HR) and enterprise resource planning (ERP) platforms like Workday, NetSuite, and SuccessFactors to take control of victim accounts. "The extensions work in concert to steal authentication tokens, block incident response capabilities, and enable complete account

The Hacker News

Akira

Dark Feed IO

2 months 2 weeks ago

You must login to view this content

cohenido

Akira

Dark Feed IO

2 months 2 weeks ago

You must login to view this content

cohenido

Akira

Dark Feed IO

2 months 2 weeks ago

You must login to view this content

cohenido

Суперземли оказались пригодны для жизни — расплавленные скалы защищают их от радиации миллиарды лет

Securitylab.ru

2 months 2 weeks ago

Планеты в 6 раз тяжелее Земли скрывают океаны магмы глубиной в тысячи км.

AI Is Hard Work

Security Boulevard

2 months 2 weeks ago

"Opportunity is missed by most people because it is dressed in overalls and looks like work."
— Thomas A. Edison

The post AI Is Hard Work appeared first on Security Boulevard.

Mitchell Johnson

Dangling DNS: The Most Overlooked Attack Surface in the AI Era

The Akamai Blog

2 months 2 weeks ago

Closing DNS gaps is crucial for securing your AI agents. Discover how Akamai DNS Posture Management detects dangling DNS and helps stop overlooked threats.

Venkatesh Bachu

Astro is joining Cloudflare

The Cloudflare Blog

2 months 2 weeks ago

The Astro Technology Company team — the creators of the Astro web framework — is joining Cloudflare. We’re doubling down on making Astro the best framework for content-driven websites, today and in the years to come.

Fred Schott

AI System Reduces Attack Reconstruction Time From Weeks to Hours

darkreading

2 months 2 weeks ago

Pacific Northwest National Labs' expert cybersecurity system, ALOHA, can recreate attacks and test them against organizations' infrastructure to bolster defense.

Robert Lemos, Contributing Writer

Defensiebladen verhuizen naar Defensie Dichtbij

Defensie.nl - Nieuwsberichten

2 months 2 weeks ago

De magazines van Defensie zijn voortaan te lezen via Defensie Dichtbij. De Defensiekrant heeft de primeur en verschijnt vandaag voor het eerst op dit platform. De eerste edities van 2026 van de personeelsbladen Alle Hens, Landmacht, de Vliegende Hollander, KMarMagazine en Materieelgezien volgen binnenkort. De magazines verschijnen niet meer op Defensie.nl.

From Quantum Resilience to Identity Fatigue: Three Trends Shaping Print Security in 2026

Security Boulevard

2 months 2 weeks ago

From quantum resilience to identity fatigue, print security is emerging as a critical risk in 2026. Learn the three trends forcing organizations to rethink printer and edge-device security.

The post From Quantum Resilience to Identity Fatigue: Three Trends Shaping Print Security in 2026 appeared first on Security Boulevard.

Aurelio Maruggi

Aggregator

Managed ad