Aggregator

CVE-2010-4884 | Hinnendahl Gaestebuch 1.2 script_pfad code injection (EDB-14810 / OSVDB-76115)

8 months 2 weeks ago

A vulnerability, which was classified as critical, was found in Hinnendahl Gaestebuch 1.2. Affected is an unknown function. The manipulation of the argument script_pfad leads to code injection. This vulnerability is traded as CVE-2010-4884. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

vuldb.com

Alleged Sale of Data from an Unidentified Company in Hong Kong

Dark Web Informer - Cyber Threat Intelligence

8 months 2 weeks ago

Alleged Sale of Data from an Unidentified Company in Hong Kong

Dark Web Informer - Cyber Threat Intelligence

Red Canary to join Zscaler

The Red Canary Blog: Information Security Insights

8 months 2 weeks ago

Today we are announcing a major milestone in our journey – Zscaler has signed a definitive agreement to acquire Red Canary.

Brian Beyer

DragonForce Ransomware Strikes MSP in Supply Chain Attack

darkreading

8 months 2 weeks ago

DragonForce, a ransomware "cartel" that has gained significant popularity since its debut in 2023, attacked an MSP as part of a recent supply chain attack, via known SimpleHelp bugs.

Alexander Culafi, Senior News Writer, Dark Reading

Google Chrome security advisory (AV25-299)

CCCS - Alerts and advisories

8 months 2 weeks ago

Canadian Centre for Cyber Security

Akira

Dark Feed IO

8 months 2 weeks ago

You must login to view this content

cohenido

Qilin

Dark Feed IO

8 months 2 weeks ago

You must login to view this content

cohenido

Qilin

Dark Feed IO

8 months 2 weeks ago

You must login to view this content

cohenido

Naughty AI: OpenAI o3 Spotted Ignoring Shutdown Instructions

DataBreachToday.com

8 months 2 weeks ago

Findings Follow Warnings About Other Frontier AI Models' Ability to Scheme
Toggling a misbehaving device's power button to forcibly turn it off and on again remains a trusted IT tactic since the dawn of the digital age. Enter a new challenge: artificial intelligence tools that refuse to comply with shutdown requests when they conflict with goals they've set.

NATO Countries Targeted By New Russian Espionage Group

DataBreachToday.com

8 months 2 weeks ago

'Laundry Bear' Has Been Active Since 2024
Dutch intelligence agencies and Microsoft say a novel Russian state intelligence hacking group is likely buying stolen credentials from criminal marketplaces to gain entry to North American and European networks. It has "a specific interest in European Union and NATO member states."

Meta Begins AI Training Using EU Personal Data

DataBreachToday.com

8 months 2 weeks ago

German Court Rebuffs Consumer Group Bid for Injunction
Meta can use the public posts of European Instagram and Facebook users to train its artificial intelligence models starting Tuesday after a German court rejected an injunction against the company. The court said Meta has a "legitimate interest" in processing the data.

Fake AI Tools Lure Users in Year-Long Malware Campaign

DataBreachToday.com

8 months 2 weeks ago

Mandiant Says Malware Spread Through Fake AI Video Ads Seen by Millions
Online scammers are converting excitement over generative artificial intelligence into fraudulent sites that infect victims with malware, says threat intel firm Google Mandiant in a report exposing a year-long campaign to distribute infostealers and backdoors.

New Russian state-sponsored APT quickly gains global reach, hitting expansive targets

CyberScoop

8 months 2 weeks ago

Laundry Bear, a group recently identified by Dutch intelligence and security services, stole work-related contact details on the Netherlands’ national police force in September 2024, Microsoft researchers said.

The post New Russian state-sponsored APT quickly gains global reach, hitting expansive targets appeared first on CyberScoop.

Matt Kapko

Iranian pleads guilty to launching Baltimore ransomware attack, faces 30 years behind bars

The Record

8 months 2 weeks ago

Sina Gholinejad admitted to using the Robbinhood ransomware variant to extort ransom payments from dozens of victims.

CVE-2020-14803 | Oracle GraalVM Enterprise Edition 19.3.3/20.2.0 Java information disclosure (Nessus ID 208580)

Vuldb Updates

8 months 2 weeks ago

A vulnerability has been found in Oracle GraalVM Enterprise Edition 19.3.3/20.2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Java. The manipulation leads to information disclosure. This vulnerability is known as CVE-2020-14803. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2020-14803 | Oracle Java SE 11.0.8/15 Libraries information disclosure (Nessus ID 208580)

Vuldb Updates

8 months 2 weeks ago

A vulnerability, which was classified as critical, was found in Oracle Java SE 11.0.8/15. This affects an unknown part of the component Libraries. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2020-14803. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2020-14798 | Oracle Java SE 7u271/8u261/11.0.8/15 Libraries

Vuldb Updates

8 months 2 weeks ago

A vulnerability classified as problematic was found in Oracle Java SE 7u271/8u261/11.0.8/15. This vulnerability affects unknown code of the component Libraries. The manipulation leads to an unknown weakness. This vulnerability was named CVE-2020-14798. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2020-14803 | Oracle Java SE 7u281/8u271 Libraries information disclosure (Nessus ID 208580)

Vuldb Updates

8 months 2 weeks ago

A vulnerability, which was classified as critical, was found in Oracle Java SE 7u281/8u271. Affected is an unknown function of the component Libraries. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2020-14803. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2020-14803 | Oracle GraalVM Enterprise Edition 19.3.4/20.3.0 Java (Nessus ID 208580)

Vuldb Updates

8 months 2 weeks ago

A vulnerability classified as critical was found in Oracle GraalVM Enterprise Edition 19.3.4/20.3.0. Affected by this vulnerability is an unknown functionality of the component Java. The manipulation leads to an unknown weakness. This vulnerability is known as CVE-2020-14803. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2021-2388 | Oracle Java SE 8u291/11.0.11/16.0.1 Hotspot Remote Code Execution (Nessus ID 234962)

Vuldb Updates

8 months 2 weeks ago

A vulnerability was found in Oracle Java SE 8u291/11.0.11/16.0.1. It has been classified as critical. Affected is an unknown function of the component Hotspot. The manipulation leads to Remote Code Execution. This vulnerability is traded as CVE-2021-2388. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

Aggregator

Managed ad