Aggregator

A vulnerability was found in Microsoft .NET 3.1/5.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. This vulnerability is traded as CVE-2021-31957. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in ReportLab up to 3.5.30 and classified as critical. This issue affects the function start_unichar of the file paraparser.py of the component XML Document Handler. The manipulation leads to xml injection. The identification of this vulnerability is CVE-2019-19450. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Unbound up to 1.9.4 and classified as critical. Affected by this issue is some unknown functionality of the component IPsec Module. The manipulation as part of Answer leads to improper input validation. This vulnerability is handled as CVE-2019-18934. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Unbound up to 1.10.0. It has been declared as critical. This vulnerability affects unknown code of the component Network Message Volume Handler. The manipulation leads to uncontrolled recursion. This vulnerability was named CVE-2020-12662. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

About a third of the case file archive of Pravosudiye — Russia's national electronic court filing system — was deleted in a previously reported cyberattack, auditors said. A pro-Ukrainian group has claimed the intrusion.

虽然没有正式宣布，Red Hat 的旗舰企业级发行版 Red Hat Enterprise Linux 10 抵达了 GA（general availability） 状态，客户已经可以下载 ISO 镜像。Red Hat 将于下周一在波士顿举行峰会，RHEL 10.0 预计会是该活动的一个焦点。

A vulnerability was found in OpenText Advance Authentication up to 6.4. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-10865. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.83/5.15.6. It has been declared as critical. Affected by this vulnerability is the function start_cpsch. The manipulation leads to improper initialization. This vulnerability is known as CVE-2021-47551. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Lleidanet PKI eSigna up to 5.4.0 and classified as problematic. This issue affects some unknown processing of the component SignaViewer Component. The manipulation leads to authorization bypass. The identification of this vulnerability is CVE-2025-4762. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Author/Presenter: Sing Ambikapathi

Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organizations YouTube channel.

Permalink

The post BSidesLV24 – GroundFloor – The Road To Developers’ Hearts appeared first on Security Boulevard.

A stealthy fileless PowerShell attack using Remcos RAT bypassed antivirus by operating in memory

10 mei 1940, 4:30 uur. Twee laagvliegende Messerschmitts 109 beschieten vliegveld De Kooy bij Den Helder. Korporaal radioboordtelegrafist 1e Luchtvaartregiment Leendert Johannes Beerschooten raakt levensgevaarlijk gewond. Toch blijft hij de telefoon bedienen. Net zo lang tot hij bezwijkt. Vandaag is Beerschooten herbegraven op het Militair Ereveld Grebbenberg in Rhenen.

ИИ, который звучит. И даже работает без интернета.

A recently discovered .NET-based multi-stage loader has caught the attention of cybersecurity researchers due to its complex architecture and ability to deploy a range of malicious payloads on Windows systems. Tracked since early 2022 by Threatray, this loader employs a sophisticated three-stage process to deliver commodity stealers, keyloggers, and Remote Access Trojans (RATs) such as […]

The post New .NET Multi-Stage Loader Targets Windows Systems to Deploy Malicious Payloads appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Alleged Sale of WatchGuard VPN Checker Tool

Cryptocurrency exchange Coinbase has disclosed that unknown cyber actors broke into its systems and stole account data for a small subset of its customers. "Criminals targeted our customer support agents overseas," the company said in a statement. "They used cash offers to convince a small group of insiders to copy data in our customer support tools for less than 1% of Coinbase monthly

根据本周发表在《Nature Human Behaviour》期刊上的一项研究，宾夕法尼亚大学沃顿商学院的研究人员发现，AI 聊天机器人 ChatGPT 能在头脑风暴中增强个体的创造力，但同时会降低集体的创意多样性。研究人员在一系列实验中让参与者完成创意挑战，有的可以使用 ChatGPT 帮助有的不允许。举例来说，研究人员让参与者提出重新利用网球拍和花园水管的创意。ChatGPT 辅助提出的创意有 20 个包含有洒水器，Web 搜索辅助提出的创意只有 7 个，不使用任何辅助纯由人类提出的创意中包含 12 个。研究结果与此前发表在《Science Advances》期刊上的一项研究基本一致，即 AI 生成的内容趋于同质化。

23 уязвимости — и один шанс их не проверять на себе: апдейт до 7.0 уже вышел.

Cryptocurrency exchange platform Coinbase has suffered a breach, which resulted in attackers acquiring customers’ data that can help them mount social engineering attacks, the company confirmed today by filing a report with the US Securities and Exchange Commission (SEC). The attack did not involve the compromise of company systems or networks. Instead, the data was accessed by a group of malicious support agents. How did the attack happen? According to the US-based company, criminals bribed … More →

The post Coinbase suffers data breach, gets extorted (but won’t pay) appeared first on Help Net Security.

A vulnerability was found in PHPGurukul Vehicle Record Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/profile.php. The manipulation of the argument name/email/mobile leads to cross site scripting. This vulnerability is known as CVE-2025-44183. The attack can be launched remotely. There is no exploit available.