Aggregator

You Got Phished? Of Course! You're Human...

Bleeping Computer.
3 months ago
Phishing succeeds not because users are careless, but because attackers exploit human timing, context, and emotion. Flare shows how modern phishing has become industrialized, scalable, and increasingly hard to spot. [...]
Sponsored by Flare

EU tightens cybersecurity rules for tech supply chains

Help Net Security
3 months ago

The European Commission has proposed a new cybersecurity package aimed at strengthening the EU’s cyber resilience, including a revised EU Cybersecurity Act designed to secure ICT supply chains and ensure products reaching EU citizens are secure by design through a streamlined certification process. Revised Cybersecurity Act and ICT supply chain security The revised Cybersecurity Act establishes an ICT supply chain security framework based on a risk-based approach. This framework will help the EU and Member … More →

The post EU tightens cybersecurity rules for tech supply chains appeared first on Help Net Security.

Anamarija Pogorelec

CVE-2026-22977 | Linux Kernel up to 6.19-rc4 net sk_buff.cb allocation of resources

VulDB Recent Entries
3 months ago
A vulnerability was found in Linux Kernel up to 6.19-rc4. It has been declared as critical. This affects an unknown function of the file sk_buff.cb of the component net. Such manipulation leads to allocation of resources. This vulnerability is uniquely identified as CVE-2026-22977. The attack can only be initiated within the local network. No exploit exists. It is recommended to upgrade the affected component.
vuldb.com

Vectra AI helps organizations prevent AI-powered cyberattacks

Help Net Security
3 months ago

Vectra AI launched the next generation of its flagship platform, purpose-built to protect the AI enterprise by delivering preemptive security and proactive defense against AI-powered cyberattacks. As enterprises embed AI across applications and infrastructure, they are becoming AI enterprises: always-on, hyper-connected environments that operate at machine speed. These environments function as a single, living network spanning on-premises data centers, multi-cloud, identity, SaaS, IoT/OT, edge, and AI infrastructure, where non-human identities and AI agents increasingly outnumber … More →

The post Vectra AI helps organizations prevent AI-powered cyberattacks appeared first on Help Net Security.

Industry News

CVE-2025-15043 | The Events Calendar Plugin up to 6.15.13 on WordPress Data Migration start_migration/cancel_migration/revert_migration authorization

Vuldb Updates
3 months ago
A vulnerability classified as critical was found in The Events Calendar Plugin up to 6.15.13 on WordPress. This impacts the function start_migration/cancel_migration/revert_migration of the component Data Migration Handler. The manipulation results in missing authorization. This vulnerability is reported as CVE-2025-15043. The attack can be launched remotely. No exploit exists.
vuldb.com

CVE-2025-15347 | Creator LMS Plugin up to 1.1.12 on WordPress Options Update get_items_permissions_check authorization

Vuldb Updates
3 months ago
A vulnerability, which was classified as problematic, has been found in Creator LMS Plugin up to 1.1.12 on WordPress. Affected is the function get_items_permissions_check of the component Options Update Handler. This manipulation causes missing authorization. This vulnerability appears as CVE-2025-15347. The attack may be initiated remotely. There is no available exploit.
vuldb.com

CVE-2025-15380 | NotificationX Plugin up to 3.2.0 on WordPress nx-preview cross site scripting

Vuldb Updates
3 months ago
A vulnerability has been found in NotificationX Plugin up to 3.2.0 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. Performing a manipulation of the argument nx-preview results in cross site scripting. This vulnerability is known as CVE-2025-15380. Remote exploitation of the attack is possible. No exploit is available.
vuldb.com

Managed ad