Aggregator

CVE-2025-53252 | zozothemes Zegen Plugin up to 1.1.9 on WordPress filename control

VulDB Recent Entries
3 months 1 week ago
A vulnerability labeled as critical has been found in zozothemes Zegen Plugin up to 1.1.9 on WordPress. The affected element is an unknown function. Executing manipulation can lead to improper control of filename for include/require statement in php program ('php remote file inclusion'). This vulnerability appears as CVE-2025-53252. The attack may be performed from remote. There is no available exploit.
vuldb.com

Eichelsheim: “Innovatie is bepalende factor in de strijd”

Defensie.nl - Nieuwsberichten
3 months 1 week ago
Hoe breng je innovaties snel naar de operatie? Dat was de centrale vraag tijdens Purple NECtar x Innovation in Defence, het grootste kennis & innovatie-evenement van Defensie. Gisteren en vandaag waren er meer dan 3.500 bezoekers bijeen in Hart van Holland, Nijkerk. Daar ontdekten ze hoe nieuwe technologie en werkwijze de krijgsmacht wendbaarder en sterker maakt. Het thema van deze editie: Innovate. Integrate. Operate.

Airstalk Malware Leverages AirWatch API MDM Platform to Establish Covert C2 Communication

Cyber Security News
3 months 1 week ago

Security researchers have uncovered a sophisticated new malware family targeting enterprise environments through a supply chain compromise. The malware, tracked as Airstalk, represents a significant shift in how attackers exploit legitimate enterprise management tools to evade detection and maintain persistent access to compromised systems. This discovery highlights the growing vulnerability of business process outsourcing organizations […]

The post Airstalk Malware Leverages AirWatch API MDM Platform to Establish Covert C2 Communication appeared first on Cyber Security News.

Tushar Subhra Dutta

Multi-Staged ValleyRAT Uses WeChat and DingTalk to Attack Windows Users

Cyber Security News
3 months 1 week ago

ValleyRAT has emerged as a sophisticated multi-stage remote access trojan targeting Windows systems, with particular focus on Chinese-language users and organizations. First observed in early 2023, this malware employs a carefully orchestrated infection chain that progresses through multiple components—downloader, loader, injector, and final payload—making detection and removal significantly challenging for security teams. The threat actors […]

The post Multi-Staged ValleyRAT Uses WeChat and DingTalk to Attack Windows Users appeared first on Cyber Security News.

Tushar Subhra Dutta

Defensie speurt in Nederlandse regio’s naar innovatieve bedrijven

Defensie.nl - Nieuwsberichten
3 months 1 week ago
Met maar liefst 4 regio’s heeft staatssecretaris Gijs Tuinman vandaag, samen met de Regionale ontwikkelingsmaatschappijen (ROM’s) en de provincies, een overeenkomst getekend. Dat zijn Oost-, Midden-Nederland, Noord-Holland en Zeeland. Op die manier legt Defensie daar contact met bedrijven die ze nog niet kent. Zij gaan zich inzetten om de innovatiekracht van Defensie verder te versterken. 

Mastodon 4.5 释出

Solidot
3 months 1 week ago
Mastodon 去中心化微博平台释出了 v4.5 版本。主要新功能包括:支持引用帖子;原生表情符号(emoji)支持;增强服务器管理员的信息流管理和屏蔽功能,管理员可以将本服务器的信息流设为访客主页,屏蔽特定用户名,审核界面可以显示上下文,等等。

New EndClient RAT Attacking Users by Leveraging Stolen Code-Signing to Bypass AV Detections

Cyber Security News
3 months 1 week ago

A sophisticated Remote Access Trojan labeled EndClient RAT has emerged as a significant threat targeting human rights defenders in North Korea, marking another escalation in advanced malware operations attributed to the Kimsuky threat group. This newly discovered malware represents a concerning shift in attack sophistication, utilizing stolen code-signing certificates to evade antivirus protections and bypass […]

The post New EndClient RAT Attacking Users by Leveraging Stolen Code-Signing to Bypass AV Detections appeared first on Cyber Security News.

Tushar Subhra Dutta

Qilin

Dark Feed IO
3 months 1 week ago

You must login to view this content

cohenido

Managed ad