Aggregator
CVE-2025-9449 | Dassault Systèmes SOLIDWORKS eDrawings up to 2025 PAR File Parser use after free
CVE-2025-9447 | Dassault Systèmes SOLIDWORKS eDrawings up to 2025 PAR File Parser out-of-bounds
CVE-2025-10599 | itsourcecode Web-Based Internet Laboratory Management System 1.0 login.php User::AuthenticateUser user_email sql injection
FinWise Insider Breach Exposes 700K Customer Records to Former Employee
American First Finance, LLC, a Dallas-based financial services firm, suffered a significant insider breach when a recently terminated employee exploited unauthorized access to its production database. The incident, dubbed the FinWise insider breach, resulted in the exfiltration of sensitive customer records (nearly 689,000 names, Social Security numbers, and other personal identifiers) via direct SQL queries […]
The post FinWise Insider Breach Exposes 700K Customer Records to Former Employee appeared first on Cyber Security News.
Submit #649501: itsourcecode Web-Based-Internet-Laboratory-Management-System 1 Time-Based Blind SQL Injection in login.php [Accepted]
Don't expect patches every month. Google is changing its approach to Android security
CVE-2025-10598 | SourceCodester Pet Grooming Management Software 1.0 search_product.php group_id sql injection
ManageEngine enhances Log360 to reduce alert fatigue for SOC teams
ManageEngine unveiled that its security information and event management (SIEM) solution, Log360, has been strengthened with a reengineered threat detection approach, in a major enhancement aimed at addressing the needs of security operations center (SOC) teams. Over 60% of SOC teams are overwhelmed with irrelevant threat data, of which a majority (53%) of cloud security alerts can be considered noise, according to the 2025 Threat Intelligence Benchmark study commissioned by Google. ManageEngine’s latest release bolsters …
The post ManageEngine enhances Log360 to reduce alert fatigue for SOC teams appeared first on Help Net Security.
JVN: On the default administrator password setting in multiple products provided by Brother and its OEM vendors
CVE-2025-10597 | kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464 COUNT2.php cname sql injection
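Live now | A guide to avoiding pitfalls in large-model security
ByteDance Security and Risk Control 2026 campus recruitment briefing preview is here!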
CVE-2025-10596 | SourceCodester Online Exam Form Submission 1.0 /index.php usn sql injection
Hackers Can Exploit Bitpixie Vulnerability to Bypass BitLocker Encryption and Escalate Privileges
A critical vulnerability in Windows Boot Manager, known as bitpixie, enables attackers to bypass BitLocker drive encryption and escalate local privileges on Windows systems. The vulnerability affects boot managers from 2005 to 2022 and can still be exploited on updated systems through downgrade attacks, posing significant risks to enterprise security. Key Takeaways: 1. Bitpixie lets attackers bypass BitLocker […]
The post Hackers Can Exploit Bitpixie Vulnerability to Bypass BitLocker Encryption and Escalate Privileges appeared first on Cyber Security News.