Aggregator

安全重构，智启未来 ！期待您的声音，与我们一同勾勒安全防御的未来图景！

XSSky：融合动静态分析，精准狙击XSS漏洞的新一代“利剑”

A vulnerability classified as critical has been found in slackero phpwcms up to 1.9.45/1.10.8. The impacted element is an unknown function of the file include/inc_module/mod_feedimport/inc/processing.inc.php of the component Feedimport Module. Performing manipulation of the argument cnt_text results in deserialization. This vulnerability is identified as CVE-2025-5497. The attack can be initiated remotely. Additionally, an exploit exists. It is recommended to upgrade the affected component.

A sophisticated campaign uncovered where adversaries are exploiting CVE-2023-46604, a critical remote code execution vulnerability in Apache ActiveMQ, to compromise cloud-based Linux systems. In this case, attackers are patching the very vulnerability they exploited to maintain exclusive access and evade detection, demonstrating advanced operational security practices typically reserved for nation-state actors. Key Takeaways1. Attackers exploit […]

The post Hackers Exploiting Apache ActiveMQ Vulnerability to Gain Access to Cloud Linux Systems appeared first on Cyber Security News.

A vulnerability classified as problematic has been found in Mobile Industrial Robots MiR Robots and MiR Fleet up to 2.x. The affected element is an unknown function of the component Note Handler. The manipulation leads to incorrect authorization. This vulnerability is documented as CVE-2025-9228. The attack can be initiated remotely. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability marked as problematic has been reported in Mobile Industrial Robots MiR Robots and MiR Fleet up to 2.x. This issue affects some unknown processing of the component Web Interface. Performing manipulation results in cross site scripting. This vulnerability is cataloged as CVE-2025-9225. It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability described as critical has been identified in Pik Online Yazılım Çözümleri Pik Online up to 3.1.4. Impacted is an unknown function. Executing manipulation can lead to server-side request forgery. This vulnerability is registered as CVE-2025-5260. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is recommended.

Cybersecurity researchers have uncovered a sophisticated campaign by the Paper Werewolf threat actor group, also known as GOFFEE, targeting Russian organizations through the exploitation of critical vulnerabilities in WinRAR archiving software. The campaign, active since July 2025, demonstrates the group’s advanced capabilities in leveraging both known and previously undiscovered security flaws to establish persistent access […]

The post Paper Werewolf Exploiting WinRAR Zero‑Day Vulnerability to Deliver Malware appeared first on Cyber Security News.

A vulnerability identified as problematic has been detected in Linux Kernel up to 6.14.1. This affects the function clear_inode of the file fs/inode.c of the component jfs. The manipulation leads to information disclosure. This vulnerability is referenced as CVE-2025-37925. The attack needs to be initiated within the local network. No exploit is available. You should upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.22/6.13.10/6.14.1. This impacts the function dom_data_init of the component resctrl. The manipulation results in null pointer dereference. This vulnerability is reported as CVE-2025-38049. The attacker must have access to the local network to execute the attack. No exploit exists. You should upgrade the affected component.

A vulnerability classified as problematic has been found in SolidInvoice up to 2.4.0. This vulnerability affects unknown code of the file /invoice/recurring of the component Recurring Invoice Module. The manipulation of the argument client name leads to cross site scripting. This vulnerability is listed as CVE-2025-9167. The attack may be initiated remotely. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability classified as problematic was found in SolidInvoice up to 2.4.0. This issue affects some unknown processing of the file /invoice of the component Invoice Creation Module. The manipulation of the argument Client Name results in cross site scripting. This vulnerability is cataloged as CVE-2025-9168. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability classified as problematic has been found in Mozilla Firefox up to 140 on Android. Impacted is an unknown function of the component blob URL Handler. Performing manipulation results in improper restriction of rendered ui layers. This vulnerability is known as CVE-2025-8364. Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Firefox up to 140 on Android and classified as problematic. This issue affects some unknown processing of the component Address Bar. The manipulation leads to clickjacking. This vulnerability is uniquely identified as CVE-2025-8041. The attack is possible to be carried out remotely. No exploit exists. The affected component should be upgraded.

A vulnerability was found in Mozilla Firefox up to 140 on Android and classified as critical. Impacted is an unknown function of the component iFrame Handler. The manipulation results in improper access controls. This vulnerability was named CVE-2025-8042. The attack may be performed from a remote location. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.133/6.6.86/6.12.22/6.13.10/6.14.1. It has been declared as problematic. This affects the function build_prologue of the component LoongArch. Executing manipulation can lead to off-by-one. This vulnerability is handled as CVE-2025-37893. The attack can only be done within the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel. The affected element is the function ssi_protocol_probe of the component HSI. The manipulation leads to use after free. This vulnerability is listed as CVE-2025-37838. The attack must be carried out from within the local network. There is no available exploit. It is advisable to upgrade the affected component.

Google Chrome 139 addressed a high-severity V8 flaw, tracked as CVE-2025-9132, found by Big Sleep AI Google Chrome 139 addressed a high-severity vulnerability, tracked as CVE-2025-9132, in its open source high-performance JavaScript and WebAssembly engine V8. The vulnerability is an out-of-bounds write issue in the V8 JavaScript engine that was discovered by Big Sleep AI. […]

A critical remote code execution (RCE) vulnerability in CodeRabbit’s production infrastructure that provided unauthorized access to over one million code repositories, including private ones.  The vulnerability, discovered in December 2024 and responsibly disclosed in January 2025, exploited the platform’s static analysis tool integration to leak sensitive API credentials and gain write access to GitHub repositories […]

The post CodeRabbit’s Production Servers RCE Vulnerability Enables Write Access on 1M Repositories appeared first on Cyber Security News.

The majority of events globally are caused by phishing, which continues to be the most common vector for cyberattacks in the constantly changing world of cyber threats. The proliferation of affordable Phishing-as-a-Service (PhaaS) platforms such as Tycoon2FA, EvilProxy, and Sneaky2FA has exacerbated this issue, enabling even novice attackers to deploy sophisticated campaigns. These services are […]

The post New Salty 2FA PhaaS Platform Targets Microsoft 365 Users to Steal Login Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.