Aggregator

CVE-2025-5399 | cURL up to 8.14.0 WebSocket lib/ws.c curl_ws_send infinite loop (d1145df24de8f80e6b16)

VulDB Recent Entries
3 months 2 weeks ago
A vulnerability classified as problematic was found in cURL up to 8.14.0. Affected by this vulnerability is the function curl_ws_send of the file lib/ws.c of the component WebSocket Handler. The manipulation leads to infinite loop. This vulnerability is known as CVE-2025-5399. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Microsoft Defender for Endpoint Prevents Cyberattack,Secures 180,000 Devices

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
3 months 2 weeks ago

The modern digital estate is under siege. Over the past 18 months, Microsoft’s threat protection teams have tracked a staggering 275% increase in ransomware encounters, with attackers shifting from broad, random attacks to highly targeted, multi-domain campaigns that exploit unique vulnerabilities in each organization. These attacks are not only more frequent but also faster—thousands of […]

The post Microsoft Defender for Endpoint Prevents Cyberattack,Secures 180,000 Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Anupriya

CVE-2025-27444 | rsjoomla RSform Pro Component 3.0.0-3.3.13 on Joomla filter[dateFrom] cross site scripting (EUVD-2025-16847)

VulDB Recent Entries
3 months 2 weeks ago
A vulnerability classified as problematic has been found in rsjoomla RSform Pro Component 3.0.0-3.3.13 on Joomla. Affected is an unknown function. The manipulation of the argument filter[dateFrom] leads to cross site scripting. This vulnerability is traded as CVE-2025-27444. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com

CVE-2025-4580 | File Provider Plugin up to 1.2.3 on WordPress Setting cross-site request forgery (EUVD-2025-16841)

VulDB Recent Entries
3 months 2 weeks ago
A vulnerability has been found in File Provider Plugin up to 1.2.3 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Setting Handler. The manipulation leads to cross-site request forgery. This vulnerability is known as CVE-2025-4580. The attack can be launched remotely. There is no exploit available.
vuldb.com

乌克兰使用开源软件对俄罗斯后方机场轰炸机发动无人机攻击

Solidot
3 months 2 weeks ago
上周日,在一次战争中最大胆的协同攻击中,乌克兰使用了一百多架无人机对俄罗斯后方机场的远程轰炸机发动大规模无人机攻击。无人机、炸药以及相关平台通过走私进入俄罗斯,在组装之后雇佣俄罗斯卡车司机将它们运送到目标机场附近,然后打开卡车车顶,连接俄罗斯本国的移动网络,对五个机场上停放的 41 架远程轰炸机发动攻击。目前卫星图像确认有 13 架轰炸机严重受损,还有一架 A-50 预警机严重受损。这次攻击被称为蛛网行动,无人机的自主驾驶系统使用了开源软件 ArduPilot。ArduPilot 项目始于 2007 年,采用 GPLv3 许可证,它最初是为基于 Arduino 的微控制器设计的,之后发展成为被业界、研究机构、军方和业余爱好者广泛使用的功能完整的无人机自主驾驶系统。

TXOne Networks unveils intelligent vulnerability mitigation capability

Help Net Security
3 months 2 weeks ago

TXOne Networks announced an expanded new version of its SageOne OT Cybersecurity Governance Platform. Already relied upon by many industrial leaders across sectors with exacting cybersecurity requirements, TXOne SageOne has been enhanced to deliver a novel capability for intelligent vulnerability mitigation. One of the most common challenges faced by (operational technology) OT cybersecurity practitioners is how to patch effectively under time constraints—making risk-based prioritization essential. TXOne SageOne integrates external intelligence on emerging threats, the specific … More →

The post TXOne Networks unveils intelligent vulnerability mitigation capability appeared first on Help Net Security.

Industry News

Akira

Dark Feed IO
3 months 2 weeks ago

You must login to view this content

cohenido

Managed ad