Aggregator

A vulnerability was found in Advanced Video Player with Analytics Plugin up to 1 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-51824. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Daniel J Griffiths Beacon for Help Scout Plugin up to 1.3.0 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-51828. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Aboutorab Pourhaghani Persian Nested Show Hide Text Plugin up to 1.5 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-51831. The attack may be launched remotely. There is no exploit available.

The Australian government has banned all Kaspersky Lab products and web services from its systems and devices following an analysis that claims the company poses a significant security risk to the country. [...]

A vulnerability classified as problematic has been found in Boombox Shortcode Plugin up to 1.0.0 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-51827. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as problematic was found in Fazilatunnesa News Ticker Plugin up to 1.0 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-51830. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Figoli Quinn & Associates Mobile Kiosk Plugin up to 1.3.0 on WordPress. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-51829. The attack may be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Plenigo Plugin up to 1.12.0 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-51832. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability has been found in Ajinkya N OpenCart Product Display Plugin up to 1.0 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-51835. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Noman Akhtar Easy Social Sharebar Plugin up to 1.0.0 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-51833. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Teconce Wezido Plugin up to 1.2 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-51836. It is possible to launch the attack remotely. There is no exploit available.

Over the course of my professional and military career, I’ve noticed an increasing trend in malicious actions targeting the military community. Military personnel face unique cybersecurity threats, including targeted identity theft from foreign adversaries. Service members in particular are high-value targets due to their security clearances, financial stability, and access to classified or sensitive information.  […]

The post Essential Steps for Military Members to Protect Against Identity Theft appeared first on BlackCloak | Protect Your Digital Life™.

The post Essential Steps for Military Members to Protect Against Identity Theft appeared first on Security Boulevard.

Инновационные методы моделирования открывают дверь к разгадке многоликой жидкости.

The GitVenom campaign, a sophisticated cyber threat, has been exploiting GitHub repositories to spread malware and steal cryptocurrency. This campaign involves creating hundreds of fake GitHub repositories that appear legitimate but contain malicious code. These repositories are designed to lure unsuspecting developers into downloading and executing the malicious code, which can lead to significant financial […]

The post GitVenom Campaign Abuses Thousands of GitHub Repositories to Infect Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Permalink

The post Randall Munroe’s XKCD ‘KM3NeT’ appeared first on Security Boulevard.

In a recent escalation of cyber threats, hackers have launched a targeted campaign, identified as UAC-0212, aimed at compromising critical infrastructure facilities in Ukraine. This campaign, which began in the second half of 2024, involves sophisticated tactics to infiltrate the networks of developers and suppliers of automation and process control solutions. The attackers’ ultimate goal […]

The post UAC-0212: Hackers Unleash Devastating Cyber Attack on Critical Infrastructure appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent cybersecurity investigation has uncovered a cluster of 16 malicious Chrome extensions that have compromised at least 3.2 million users. These extensions, which include functionalities like screen capture, ad blocking, and emoji keyboards, were found to inject code into browsers, facilitating advertising and search engine optimization fraud. The threat actor behind this campaign is […]

The post Widespread Chrome Malware: 16 Extensions Infect Over 3.2 Million Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Инженеры создали мини-машину с грацией дикой кошки.

A significant vulnerability has been discovered in the Sliver C2 server, a popular open-source cross-platform adversary emulation and red team framework. This vulnerability, identified as CVE-2025-27090, allows attackers to hijack TCP connections, enabling them to intercept and manipulate traffic. The exploit leverages a Server-Side Request Forgery (SSRF) technique, which can be particularly damaging as it […]

The post Sliver C2 Server Vulnerability Enables TCP Hijacking for Traffic Interception appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A massive botnet of over 130,000 compromised devices is conducting password-spray attacks against Microsoft 365 (M365) accounts worldwide, attempting to confirm credentials. [...]