Sinobi
You must login to view this content
Aggregator
Sinobi
2 months 2 weeks ago
You must login to view this content
cohenido
Sinobi
2 months 2 weeks ago
You must login to view this content
cohenido
Iranian TV Transmission Hacked With Message from Exiled Prince
2 months 2 weeks ago
Unidentified hackers disrupted Iranian state television to broadcast messages from exiled Crown Prince Reza Pahlavi. Read about the economic crisis, the internet blackout, and the latest reports on the protest death toll.
Deeba Ahmed
Phishing Campaign Zeroes in on LastPass Customers
2 months 2 weeks ago
The bait incudes plausible subject lines and credible messages, most likely thanks to attackers' use of large language models to craft them.
Alexander Culafi
Play
2 months 2 weeks ago
You must login to view this content
cohenido
Play
2 months 2 weeks ago
You must login to view this content
cohenido
53,000 USA Driver License Images Allegedly for Sale on Exploit Forum
2 months 2 weeks ago
53,000 USA Driver License Images Allegedly for Sale on Exploit Forum
Dark Web Informer
News alert: Reflectiz study finds most third-party web apps access sensitive data without justification
2 months 2 weeks ago
BOSTON, Jan. 21, 2026, CyberNewswire — Reflectiz today announced the release of its 2026 State of Web Exposure Research, revealing a sharp escalation in client?side risk across global websites, driven primarily by third?party applications, marketing tools, and unmanaged digital … (more…)
The post News alert: Reflectiz study finds most third-party web apps access sensitive data without justification first appeared on The Last Watchdog.
The post News alert: Reflectiz study finds most third-party web apps access sensitive data without justification appeared first on Security Boulevard.
cybernewswire
Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718?
2 months 2 weeks ago
CVE-2025-59718, a critical authentication bypass flaw that attackers exploited in December 2025 to compromise FortiGate appliances, appears to persist in newer, purportedly fixed releases of the underlying FortiOS. According to Fortinet, CVE-2025-59718 had been fixed in FortiOS versions 7.6.4 or above, 7.4.9 or above, 7.2.12 or above, and 7.0.18 or above. But on Tuesday, a Fortinet administrator posted on Reddit asking whether other enterprise admins had observed attackers logging in and creating new accounts on … More →
The post Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718? appeared first on Help Net Security.
Zeljka Zorz
«Кот жив, кот мертв, а ошибок в 10 000 раз меньше». Французы превратили парадокс Шрёдингера в квантовый процессор
2 months 3 weeks ago
Alice and Bob представили «лифт-код» для коррекции ошибок в квантовых вычислениях.
Cisco security advisory (AV26-048)
2 months 3 weeks ago
Canadian Centre for Cyber Security
CVE-2026-0920 | LA-Studio Element Kit for Elementor Plugin up to 1.5.6.3 on WordPress User Creation ajax_register_handle lakit_bkrole Remote Code Execution
2 months 3 weeks ago
A vulnerability categorized as critical has been discovered in LA-Studio Element Kit for Elementor Plugin up to 1.5.6.3 on WordPress. This vulnerability affects the function ajax_register_handle of the component User Creation Handler. Such manipulation of the argument lakit_bkrole leads to Remote Code Execution.
This vulnerability is traded as CVE-2026-0920. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2021-47870 | GetSimple CMS My SMTP Contact Plugin 1.1.2 htmlspecialchars cross site scripting (EDB-49798)
2 months 3 weeks ago
A vulnerability was found in GetSimple CMS My SMTP Contact Plugin 1.1.2. It has been rated as problematic. This affects the function htmlspecialchars. This manipulation causes cross site scripting.
This vulnerability appears as CVE-2021-47870. The attack may be initiated remotely. In addition, an exploit is available.
vuldb.com
CVE-2021-47860 | GetSimple CMS Custom JS Plugin 0.1 cross-site request forgery (Exploit 49816 / EDB-49712)
2 months 3 weeks ago
A vulnerability was found in GetSimple CMS Custom JS Plugin 0.1. It has been declared as problematic. Affected by this issue is some unknown functionality. The manipulation results in cross-site request forgery.
This vulnerability is reported as CVE-2021-47860. The attack can be launched remotely. Moreover, an exploit is present.
vuldb.com
CVE-2025-69763 | Tenda AX3 16.03.12.11 formSetIptv vlanId stack-based overflow
2 months 3 weeks ago
A vulnerability was found in Tenda AX3 16.03.12.11. It has been classified as critical. Affected by this vulnerability is the function formSetIptv. The manipulation of the argument vlanId leads to stack-based buffer overflow.
This vulnerability is documented as CVE-2025-69763. The attack can be initiated remotely. There is not any exploit available.
vuldb.com
CVE-2025-69762 | Tenda AX3 16.03.12.11 formSetIptv list stack-based overflow
2 months 3 weeks ago
A vulnerability was found in Tenda AX3 16.03.12.11 and classified as critical. Affected is the function formSetIptv. Executing a manipulation of the argument list can lead to stack-based buffer overflow.
This vulnerability is registered as CVE-2025-69762. It is possible to launch the attack remotely. No exploit is available.
vuldb.com
CVE-2025-68135 | EVerest everest-core prior 2025.10.0 improper check or handling of exceptional conditions
2 months 3 weeks ago
A vulnerability has been found in EVerest everest-core and classified as problematic. This impacts an unknown function. Performing a manipulation results in improper check or handling of exceptional conditions.
This vulnerability is cataloged as CVE-2025-68135. The attack must originate from the local network. There is no exploit available.
The affected component should be upgraded.
vuldb.com
CVE-2025-69766 | Tenda AX3 16.03.12.11 formGetIptv stack-based overflow
2 months 3 weeks ago
A vulnerability, which was classified as critical, was found in Tenda AX3 16.03.12.11. This affects the function formGetIptv. Such manipulation leads to stack-based buffer overflow.
This vulnerability is listed as CVE-2025-69766. The attack may be performed from remote. There is no available exploit.
vuldb.com
CVE-2021-47830 | Get-Simple My SMTP Contact Plugin 1.1.1 cross-site request forgery (Exploit 49774 / EDB-49774)
2 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in Get-Simple My SMTP Contact Plugin 1.1.1. The impacted element is an unknown function. This manipulation causes cross-site request forgery.
This vulnerability is tracked as CVE-2021-47830. The attack is possible to be carried out remotely. Moreover, an exploit is present.
vuldb.com