Aggregator

New research by Security Intelligence has revealed security risks in MLOps platforms including Azure ML, BigML and Google Vertex AI

Lake Shore Public Schools Has Been Claimed a Victim to 8BASE Ransomware

在最坚硬的石头上刻一朵小花

在最坚硬的石头上刻一朵小花

在最坚硬的石头上刻一朵小花

在最坚硬的石头上刻一朵小花

A vulnerability classified as problematic was found in themebon Ultimate Image Hover Effects Plugin up to 1.1.2 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-22585. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in Joomla up to 3.10.19/4.4.9/5.2.2. This affects an unknown part of the component View Handler. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2024-40749. The attack needs to be initiated within the local network. There is no exploit available.

StarsX Team Defaced Four Different Websites

Eclypsium Report Describes BIOS/UEFI Issues in Illumina iSeq 100 Firmware
Certain vulnerabilities in device maker Illumina's iSeq 100 DNA gene sequencer could allow hackers to overwrite the system's firmware to render the device unusable or to install a firmware implant for ongoing attacker persistence, said researchers at Eclypsium who identified the flaws.

Unified Extended Access Management Platform Gains Key Integrations and Workflows
The addition of Trelica allows 1Password to accelerate its extended access management roadmap by 18 months. The acquisition emphasizes simplicity for end users while unifying SaaS visibility, device management and identity security under a single solution.

A vulnerability was found in Joomla up to 4.4.9/5.2.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Module Chrome Handler. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-40747. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in pluginspoint Timeline Pro Plugin up to 1.3 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-22584. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Burria Laika Pedigree Tree Plugin up to 1.4 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-22593. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability has been found in Arefly WP Header Notification Plugin up to 1.2.7 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-22579. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Joomla up to 3.10.19/4.4.9/5.2.2 and classified as problematic. This issue affects some unknown processing of the component Menu List Handler. The manipulation of the argument id leads to cross site scripting. The identification of this vulnerability is CVE-2024-40748. The attack may be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Biltorvet Dealer Tools Plugin up to 1.0.22 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-22580. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Damion Armentrout Able Player Plugin up to 1.0 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-22577. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in copist Icons Enricher Plugin up to 1.0.8 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-22573. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in brianmiyaji Legacy ePlayer Plugin up to 0.9.9 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-22572. It is possible to launch the attack remotely. There is no exploit available.