Aggregator

Fortinet FortiWeb Instances Hacked With Webshells Following Public PoC Exploits

Cyber Security News
5 months ago

Dozens of Fortinet FortiWeb instances have been compromised with webshells in a widespread hacking campaign, according to the threat monitoring organization The Shadowserver Foundation. The attacks are linked to a critical vulnerability, tracked as CVE-2025-25257, for which public proof-of-concept (PoC) exploits were released just days ago. Key Takeaways1. A critical flaw in Fortinet FortiWeb is […]

The post Fortinet FortiWeb Instances Hacked With Webshells Following Public PoC Exploits appeared first on Cyber Security News.

Guru Baran

CVE-2025-53931 | LabRedesCefetRJ WeGIA up to 3.4.4 adicionar_raca.php raca cross site scripting (EUVD-2025-21724)

VulDB Recent Entries
5 months ago
A vulnerability classified as problematic has been found in LabRedesCefetRJ WeGIA up to 3.4.4. This affects an unknown part of the file adicionar_raca.php. The manipulation of the argument raca leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-53931. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-53930 | LabRedesCefetRJ WeGIA up to 3.4.4 adicionar_especie.php especie cross site scripting (EUVD-2025-21728)

VulDB Recent Entries
5 months ago
A vulnerability was found in LabRedesCefetRJ WeGIA up to 3.4.4. It has been rated as problematic. Affected by this issue is some unknown functionality of the file adicionar_especie.php. The manipulation of the argument especie leads to cross site scripting. This vulnerability is handled as CVE-2025-53930. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-53929 | LabRedesCefetRJ WeGIA up to 3.4.4 adicionar_cor.php cor cross site scripting (EUVD-2025-21729)

VulDB Recent Entries
5 months ago
A vulnerability was found in LabRedesCefetRJ WeGIA up to 3.4.4. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file adicionar_cor.php. The manipulation of the argument cor leads to cross site scripting. This vulnerability is known as CVE-2025-53929. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

MacOS Malware NimDoor Weaponizing Zoom SDK Update to Steal Keychain Credentials

Cyber Security News
5 months ago

A sophisticated MacOS malware campaign dubbed NimDoor has emerged, targeting Web3 and cryptocurrency organizations through weaponized Zoom SDK updates. The malware, attributed to North Korea-linked threat actors likely associated with Stardust Chollima, represents a significant evolution in offensive capabilities against MacOS systems, having been active since at least April 2025. The attack orchestration begins with […]

The post MacOS Malware NimDoor Weaponizing Zoom SDK Update to Steal Keychain Credentials appeared first on Cyber Security News.

Tushar Subhra Dutta

乌克兰黑客破坏了俄罗斯无人机制造商的 IT 基础设施

Solidot
5 months ago
乌克兰黑客与情报部门合作,成功破坏了俄罗斯最大无人机制造商之一的 Gaskar Integration 的 IT 基础设施,导致该公司的生产陷入瘫痪。黑客在此次攻击中窃取了 47 TB 数据,之后将包括备份在内的所有数据全部从服务器上抹掉。窃取的数据转交给了乌克兰国防部。

Mozilla 征求用户对 Firefox 未来发展的意见

Solidot
5 months ago
Firefox 最近推出了多项用户期待已久的新功能,如标签页组和垂直标签,Mozilla 此举也是旨在响应社区民意。在推出这些新功能之后,Firefox 接下来该这么做呢?Mozilla 开发者通过官方论坛征求用户的意见,并准备进行一次社区的 AMA(你问我答)活动。

CVE-2024-6234 | Red Hat Ansible Automation Platform EDA Server information disclosure

VulDB Recent Entries
5 months ago
A vulnerability was found in Red Hat Ansible Automation Platform and classified as problematic. This issue affects some unknown processing of the component EDA Server. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2024-6234. Access to the local network is required for this attack to succeed. There is no exploit available.
vuldb.com

Managed ad