Aggregator
CVE-2025-0714 | Mobatek MobaXterm up to 24.x AES weak iv
CVE-2025-26758 | RebelCode Spotlight Social Media Feeds Plugin up to 1.7.1 on WordPress exposure of sensitive system information to an unauthorized control sphere
CVE-2025-23840 | webjema Notcaptcha Plugin up to 1.3.1 on WordPress cross site scripting
【资料】美国国际开发署(USAID)人员名单(2)(含简历)
Приложение DeepSeek прекратило работу в Южной Корее
CISA Warns of Apple iOS Vulnerability Exploited in Wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical zero-day vulnerability in Apple iOS and iPadOS, tracked as CVE-2025-24200, being actively exploited in targeted attacks. The flaw, an authorization bypass in Apple’s USB Restricted Mode, enables attackers with physical access to disable security protections on locked devices, potentially […]
The post CISA Warns of Apple iOS Vulnerability Exploited in Wild appeared first on Cyber Security News.
CVE-2025-23845 | ERA404 ImageMeta Plugin up to 1.1.2 on WordPress cross site scripting
CISA Warns of Active Exploitation of Apple iOS & iPadOS Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory warning of active exploitation of a critical security flaw in Apple’s iOS and iPad operating systems. Tracked as CVE-2025-24200, the vulnerability permits attackers with physical access to bypass critical security protections on locked devices, escalating risks of unauthorized data access and potential device compromise. […]
The post CISA Warns of Active Exploitation of Apple iOS & iPadOS Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Threat Actors Exploiting Modified SharpHide Tool to Conceal Registry Entries
Threat actors are leveraging a modified version of the SharpHide tool to create hidden registry entries, significantly complicating detection and removal efforts. This technique exploits vulnerabilities in Windows registry handling, using null-terminated strings to obscure malicious entries. The modified SharpHide has been integrated into sophisticated attack chains, enabling malware persistence while evading standard detection mechanisms. […]
The post Threat Actors Exploiting Modified SharpHide Tool to Conceal Registry Entries appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
CVE-2025-26754 | bPlugins Timeline Block Plugin up to 1.1.1 on WordPress cross site scripting
CVE-2025-26769 | Webilia Vertex Addons for Elementor Plugin up to 1.2.0 on WordPress cross site scripting
CVE-2025-26771 | sonalsinha21 SKT Blocks Plugin up to 1.7 on WordPress cross site scripting
CVE-2025-26772 | Detheme Kit for Elementor Plugin up to 2.1.8 on WordPress cross site scripting
CVE-2025-26773 | Adnan Analytify Plugin up to 5.5.0 on WordPress authorization
CVE-2025-26775 | RealMag777 Bear Plugin up to 1.1.4.4 on WordPress cross site scripting
CVE-2025-26778 | Gallery Plugin up to 2.2.1 on WordPress cross site scripting
CVE-2025-26770 | Joe Waymark Plugin up to 1.5.0 on WordPress cross site scripting
Xerox Printers Vulnerability Let Attackers Capture Authentication Data From LDAP & SMB
Multiple vulnerabilities in enterprise-grade Xerox Versalink C7025 multifunction printers (MFPs) enable attackers to intercept authentication credentials from Lightweight Directory Access Protocol (LDAP) and Server Message Block (SMB) services. Designated as CVE-2024-12510 and CVE-2024-12511, these flaws allow malicious actors to execute “pass-back attacks” – a technique that redirects device authentication attempts to attacker-controlled systems. The vulnerabilities, […]
The post Xerox Printers Vulnerability Let Attackers Capture Authentication Data From LDAP & SMB appeared first on Cyber Security News.