Aggregator

A vulnerability classified as critical was found in PHPGurukul Vehicle Parking Management System 1.13. Affected by this issue is some unknown functionality of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate results in sql injection. This vulnerability was named CVE-2025-7522. The attack may be performed from remote. In addition, an exploit is available.

A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/manage-outgoingvehicle.php. The manipulation of the argument del results in sql injection. This vulnerability is known as CVE-2025-7491. It is possible to launch the attack remotely. Furthermore, an exploit is available.

Sectigo has successfully completed the largest migration of public certificate infrastructure in history, transitioning over half a million SSL/TLS, S/MIME, and code signing certificates from Entrust to Sectigo Certificate Manager. This milestone sets a new standard for digital trust transitions, giving customers a secure, automated, and future-ready CLM platform.

The post A promise fulfilled: Sectigo completes historic migration of Entrust public certificate business appeared first on Security Boulevard.

Учёные нашли способ обойти принцип Гейзенберга, который с 1927 года считался непреложным.

Several African countries targeted transnational criminal networks that used social media and other digital platforms to run romance and sextortion scams, Interpol said.

Generative AI can boost productivity—but without safeguards, it also opens the door to phishing, fraud & model manipulation. Learn more from Acronis TRU on why AI security must be built in from the start. [...]

Cloudflare will soon automatically create an AI-optimized search index for your domain, and expose a set of ready-to-use standard APIs and tools including an MCP server, LLMs.txt, and a search API.

We will cover some of the reasons why operators need to monitor the AS-SET memberships for their ASN, and now Cloudflare Radar can help.

We're announcing two enhancements to our Application Performance suite that'll show how the world sees your website, and make it faster with one click - available Cloudflare Dashboard!

We’ve replaced the original core system in Cloudflare with a new modular Rust-based proxy, replacing NGINX.

This week’s threat landscape (Week 39) reflects the growing sophistication of adversaries who are rapidly blending technical exploits with social […]

The post Weekly Threat Landscape Digest – Week 39 appeared first on HawkEye.

A vulnerability was found in GNU Binutils 2.45. It has been rated as critical. The affected element is the function elf_swap_shdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. This vulnerability is listed as CVE-2025-11083. The attack must be carried out locally. In addition, an exploit is available. To fix this issue, it is recommended to deploy a patch. The code maintainer replied with "[f]ixed for 2.46".

Hackers are actively exploiting a maximum severity vulnerability (CVE-2025-10035) in Fortra's GoAnywhere MFT that allows injecting commands remotely without authentication. [...]

A vulnerability was found in GNU Binutils 2.45. It has been declared as critical. Impacted is the function _bfd_elf_parse_eh_frame of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. This vulnerability is tracked as CVE-2025-11082. The attack is restricted to local execution. Moreover, an exploit is present. A patch should be applied to remediate this issue. The code maintainer replied with "[f]ixed for 2.46".

Submit #661277 / VDB-326124

Reports said two boys arrested in the Netherlands are suspected of working on behalf of pro-Russian hackers outside prominent buildings in The Hague.

文章介绍了风险登记册的四个成熟度级别：基础跟踪、结构化数据收集、自动化集成及战略企业风险管理。通过逐步优化，风险登记册可从简单的记录工具发展为支持决策的企业战略工具，并连接网络安全与整体业务目标。

A vulnerability was found in GNU Binutils 2.45. It has been classified as problematic. This issue affects the function dump_dwarf_section of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. This vulnerability is identified as CVE-2025-11081. The attack is only possible with local access. Additionally, an exploit exists. It is suggested to install a patch to address this issue.

Submit #661276 / VDB-326123

A vulnerability marked as problematic has been reported in Discourse up to beta 3.4.0.beta3/stable 3.3.2/tests-passed 3.4.0.beta3. This issue affects some unknown processing of the component Setting Handler. The manipulation leads to resource consumption. This vulnerability is listed as CVE-2024-53851. The attack may be initiated remotely. There is no available exploit. To fix this issue, it is recommended to deploy a patch.