Aggregator

A vulnerability classified as critical was found in Apache NiFi up to 2.7.2. The affected element is an unknown function of the component Component Update Handler. Such manipulation leads to missing authorization. This vulnerability is referenced as CVE-2026-25903. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.

A vulnerability was found in ModelTC LightLLM up to 1.1.0. It has been rated as critical. This affects the function pickle.loads of the component WebSocket Endpoint. Performing a manipulation results in deserialization. This vulnerability is reported as CVE-2026-26220. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability was found in RSS Aggregator Plugin up to 5.0.10 on WordPress. It has been rated as problematic. This affects an unknown function. This manipulation of the argument template causes cross site scripting. This vulnerability is registered as CVE-2026-1216. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability classified as critical has been found in Clickedu SaaS Platform. The affected element is an unknown function of the component Day-to-day Section. Performing a manipulation of the argument id_alu results in sql injection. This vulnerability is known as CVE-2026-2247. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability classified as problematic was found in EKA Real Estate Script V5 up to 17022026. The impacted element is an unknown function. Executing a manipulation can lead to cross site scripting. This vulnerability is handled as CVE-2025-8303. The attack can be executed remotely. There is not any exploit available.

A vulnerability was found in BVA Concierge::Sessions up to 0.8.4 on Perl and classified as problematic. Affected is the function rand. The manipulation results in generation of predictable numbers or identifiers. This vulnerability is cataloged as CVE-2026-2439. The attack may be launched remotely. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in TEEJAY Maypole up to 2.13 on Perl. It has been declared as problematic. Affected by this issue is the function rand. Such manipulation leads to cryptographically weak prng. This vulnerability is documented as CVE-2025-15578. The attack can be executed remotely. There is not any exploit available.

A vulnerability, which was classified as critical, has been found in Zarinpal Gateway for WooCommerce Plugin up to 5.0.16 on WordPress. The impacted element is the function Return_from_ZarinPal_Gateway of the component Payment Call Handler. Performing a manipulation results in improper access controls. This vulnerability is identified as CVE-2026-2592. The attack can be initiated remotely. There is not any exploit available.

A vulnerability has been found in Forminator Forms Plugin up to 1.50.2 on WordPress and classified as problematic. This impacts an unknown function. The manipulation of the argument form_name leads to cross site scripting. This vulnerability is listed as CVE-2026-2002. The attack may be initiated remotely. There is no available exploit.

A vulnerability, which was classified as critical, was found in EventPrime Plugin up to 4.2.8.4 on WordPress. This affects the function ep_upload_file_media of the component AJAX Endpoint. Executing a manipulation can lead to missing authorization. This vulnerability is tracked as CVE-2026-1657. The attack can be launched remotely. No exploit exists.

Apache Tomcat has disclosed CVE-2026-24733, a Low-severity security constraint bypass that can be triggered via HTTP/0.9 requests when certain access-control rules are configured in a specific way. The Apache Tomcat security team identified the issue, and the original advisory was published on 2026-02-17. At a high level, the vulnerability stems from Tomcat not restricting HTTP/0.9 […]

The post Apache Tomcat Vulnerabilities Let Attackers Bypass Security Constraints via HTTP/0.9 Requests appeared first on Cyber Security News.

针对疑似某红队大佬的样本分析

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

• CVE-2025-49113 RoundCube Webmail Deserialization of Untrusted Data Vulnerability
• CVE-2025-68461 RoundCube Webmail Cross-site Scripting Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. 

The National Bank of Ukraine announced that attackers may have gained access to users’ personal data, including names, phone numbers, email addresses and delivery addresses, in a recent cyberattack.

Cybersecurity researchers have disclosed details of a new ClickFix campaign that abuses compromised legitimate sites to deliver a previously undocumented remote access trojan (RAT) called MIMICRAT (aka AstarionRAT). "The campaign demonstrates a high level of operational sophistication: compromised sites spanning multiple industries and geographies serve as delivery infrastructure, a multi-stage

Three critical vulnerabilities have been found in four popular Visual Studio Code extensions. These extensions have been downloaded over 128 million times. The vulnerabilities are identified as CVE-2025-65715, CVE-2025-65716, and CVE-2025-65717. The findings from the OX Security Research team, later confirmed on Cursor and Windsurf IDEs, expose a systemic blind spot in modern software supply […]

The post Critical Vulnerabilities in VS Code Extensions Threaten 128 Million Developer Environments appeared first on Cyber Security News.

The University of Mississippi Medical Center (UMMC) closed all its clinic locations statewide on Thursday following a ransomware attack. [...]

在暗网毒品市场 Incognito 管理员 Lin Rui-Siang 的量刑听证会上，他的辩护律师首次披露，Incognito 的另一名管理员是 FBI 的线人，而这位管理员负责了 Incognito 大部分的毒品交易，Lin 坚称他主要负责代码和网站的技术基础设施。Lin 在狱中接受采访时表示，未披露名字的 FBI 线人是 Incognito 的正式合伙人，负责了网站大部分的管理工作，包括解决纠纷，允许哪些卖家出售毒品哪些卖家将被剔除。Lin 称是 FBI 在运营这个毒品交易网站。检方则否认该线人是 Lin 的同级，称线人是其下属不具有平等关系，否认政府运营该网站。

Британия объявила охоту на нейросети, которые «раздевают» женщин.

Large language models, commonly known as LLMs, are increasingly being asked to generate passwords — and new research has shown that the passwords they produce are far weaker than they appear. A password like G7$kL9#mQ2&xP4!w may look convincingly random, but it carries a fundamental flaw that standard password-strength tools consistently miss. The core problem lies in how […]

The post LLM-Generated Passwords Expose Major Security Flaws with Predictability, Repetition, and Weakness appeared first on Cyber Security News.