Aggregator

A vulnerability, which was classified as problematic, has been found in Reza Moallemi Comments On Feed Plugin up to 1.2.1 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-54406. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in Diversified Technology DTC Documents Plugin up to 1.1.05 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2024-54418. The attack can be initiated remotely. There is no exploit available.

Security researchers at Volexity have uncovered multiple Russian threat actors conducting sophisticated social engineering and spear-phishing campaigns targeting Microsoft 365 accounts through Device Code Authentication exploitation. The attacks, observed since mid-January 2025, involve three distinct groups: “CozyLarch (APT29),” “UTA0304,” and “UTA0307.” The threat actors impersonate officials from organizations like the US Department of State, Ukrainian […]

The post Multiple Russian Actors Attacking Orgs To Hack Microsoft 365 Accounts via Device Code Authentication appeared first on Cyber Security News.

与依赖混淆非常类似

攻击面扩大但安全措施不力

数据安全态势管理成为云可视化的关键，但缺乏安全控制能力，成为被整合的目标。

多方原因造成了这一状况

A vulnerability was found in PHP 4.4.4/4.4.5/4.4.6/6.0 and classified as problematic. This issue affects the function phpinfo. The manipulation leads to basic cross site scripting. The identification of this vulnerability is CVE-2007-1287. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

反射DLL注入是一种高级的进程注入技术，它允许将DLL文件直接加载到目标进程的内存中，而不依赖于操作系统的标准DLL加载机制。这种技术的核心在于动态地在内存中映射DLL，并解析DLL中的导出函数和资源

The Indian Post Office portal was found vulnerable to an Insecure Direct Object Reference (IDOR) attack, exposing sensitive Know Your Customer (KYC) data of thousands of users.  This breach highlights the critical need for robust security measures in government-operated digital platforms, especially those handling sensitive personal information like Aadhaar and PAN details. What Happened? According […]

The post Indian Post Office Portal Exposed Thousands of KYC Records With Username & Mobile Number appeared first on Cyber Security News.

Google has unveiled a groundbreaking security feature in Android 16 Beta 2 aimed at combating phone scams by blocking users from altering sensitive settings during active phone calls.  This feature, currently live in the beta version, prevents enabling permissions like sideloading apps and granting accessibility access, both of which are commonly exploited by scammers. Phone […]

The post New Android Security Feature that Blocks Changing Sensitive Setting During Calls appeared first on Cyber Security News.

Vulnerabilities in firewalls from Palo Alto Networks and SonicWall are currently under active exploitation

Welcome to this week’s Cybersecurity News Recap. Discover how cyber attackers are using clever tricks like fake codes and sneaky emails to gain access to sensitive data. We cover everything from device code phishing to cloud exploits, breaking down the technical details into simple, easy-to-follow insights. ⚡ Threat of the Week Russian Threat Actors Leverage Device Code Phishing to Hack

韩国个人信息保护委员会 17 日表示，15 日下午 6 时起 DeepSeek 应用在韩国的服务暂停，待其根据《个人信息保护法》进行完善后再将重启服务。此前已下载的用户可以继续使用，但在使用时需注意个人信息安全。由于 DeepSeek 的用户个人信息处理方式引发争议，委员会上月 31 日向 DeepSeek 总部发送质询函，对其在研发和提供服务的过程中收集、处理数据的方式提出质疑，包括用户个人信息处理负责部门、收集项目和目的、信息使用和保存方式，以及信息是否共享等。DeepSeek 本月 14 日发来回函，承认其在推出全球版服务的过程中对韩国相关法律的考虑不够周到，并表明将积极配合委员会的相关措施。

От наличных до цифрового рубля.

Luchtmachter Lien Denneman heeft gisteren een bronzen medaille veroverd met indoorroeien tijdens de Invictus Games in Canada. Daarmee sluit het Nederlands team deze zevende editie af met 2 medailles.

Researchers warn that the whoAMI attack lets attackers publish an AMI with a specific name to execute code in an AWS account. Cybersecurity researchers at Datadog Security Labs devised a new name confusion attack technique, called whoAMI, that allows threat actors to execute arbitrary code execution within the Amazon Web Services (AWS) account by publishing […]

Cybersecurity researchers have shed light on a new Golang-based backdoor that uses Telegram as a mechanism for command-and-control (C2) communications. Netskope Threat Labs, which detailed the functions of the malware, described it as possibly of Russian origin. "The malware is compiled in Golang and once executed it acts like a backdoor," security researcher Leandro Fróes said in an analysis

Код спрятан прямо на виду, но только избранные знают, как его обнаружить.