Global
You must login to view this content
Aggregator
Weekly Darknet Markets News 07/28/2025
8 months 3 weeks ago
Weekly Darknet Markets News 07/28/2025
Dark Web Informer - Cyber Threat Intelligence
Insurance Giant Allianz Life Grapples With Breach Affecting 'Majority' of Customers
8 months 3 weeks ago
The company has yet to report an exact number of how many individuals were impacted by the breach and plans to start the notification process around Aug. 1.
Kristina Beek
Muddled Libra Actors Attacking Organizations Call Centers for Initial Infiltration
8 months 3 weeks ago
The cyberthreat landscape witnessed a concerning evolution in 2025 as the notorious Muddled Libra threat group dramatically shifted their attack methodology, pivoting from traditional phishing campaigns to sophisticated voice-based social engineering targeting organizational call centers and help desks. This Western-based collective, comprising primarily young English-speaking cybercriminals, has transformed their operational approach to achieve unprecedented speed […]
The post Muddled Libra Actors Attacking Organizations Call Centers for Initial Infiltration appeared first on Cyber Security News.
Tushar Subhra Dutta
BeyondTrust security advisory (AV25-461)
8 months 3 weeks ago
Canadian Centre for Cyber Security
CVE-2025-50484 | PHPGurukul Small CRM 3.0 /change-password.php session expiration
8 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in PHPGurukul Small CRM 3.0. This issue affects some unknown processing of the file /change-password.php. The manipulation leads to session expiration.
The identification of this vulnerability is CVE-2025-50484. The attack may be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-50487 | PHPGurukul Blood Bank & Donor Management System 2.4 /change-password.php session expiration
8 months 3 weeks ago
A vulnerability classified as critical was found in PHPGurukul Blood Bank & Donor Management System 2.4. This vulnerability affects unknown code of the file /change-password.php. The manipulation leads to session expiration.
This vulnerability was named CVE-2025-50487. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-8194 | CPython up to 3.13.x tarfile Module infinite loop (Issue 130577)
8 months 3 weeks ago
A vulnerability classified as problematic has been found in CPython up to 3.13.x. This affects an unknown part of the component tarfile Module. The manipulation leads to infinite loop.
This vulnerability is uniquely identified as CVE-2025-8194. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Flaw in Gemini CLI AI coding assistant allowed stealthy code execution
8 months 3 weeks ago
A vulnerability in Google's Gemini CLI allowed attackers to silently execute malicious commands and exfiltrate data from developers' computers using allowlisted programs. [...]
Bill Toulas
U.S. CISA adds Cisco ISE and PaperCut NG/MF flaws to its Known Exploited Vulnerabilities catalog
8 months 3 weeks ago
U.S. U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco ISE and PaperCut NG/MF flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Cisco ISE and PaperCut NG/MF flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: This week, Cisco confirmed attempted exploitation […]
Pierluigi Paganini
ArmouryLoader Bypasses Security Protections to Inject Malicious Code
8 months 3 weeks ago
ArmouryLoader and other malicious code loaders have become essential tools for introducing Trojan-type payloads into hacked systems in the ever-changing world of cyberattacks. First identified in 2024, ArmouryLoader exploits the ASUS Armoury Crate software by hijacking its export functions, such as freeBuffer in ArmouryA.dll, to initiate multi-stage execution chains. This loader facilitates privilege escalation, persistence, […]
The post ArmouryLoader Bypasses Security Protections to Inject Malicious Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
Laundry Bear Infrastructure, Key Tactics and Procedures Uncovered
8 months 3 weeks ago
A sophisticated Russian state-sponsored advanced persistent threat (APT) group known as Laundry Bear has emerged as a significant cybersecurity concern, targeting NATO countries and Ukraine through an extensive campaign of espionage and intelligence gathering. Also tracked as Void Blizzard by Microsoft Threat Intelligence, this threat actor has been actively operating since at least April 2024, […]
The post Laundry Bear Infrastructure, Key Tactics and Procedures Uncovered appeared first on Cyber Security News.
Tushar Subhra Dutta
Chaos Ransomware Rises as BlackSuit Gang Falls
8 months 3 weeks ago
Researchers detailed a newer double-extortion ransomware group made up of former members of BlackSuit, which was recently disrupted by international law enforcement.
Alexander Culafi
Nile Gives Your Campus Network More Than Just a Password
8 months 3 weeks ago
For decades, network security followed a simple model: the castle and moat design philosophy. We built strong perimeters with firewalls and relied on Network Access Control (NAC) to act as a guardian, checking credentials at the door. Once inside, users and devices were assumed to be trusted. Today, the assumptions have all changed. Thanks to..
The post Nile Gives Your Campus Network More Than Just a Password appeared first on Security Boulevard.
Tom Hollingsworth
ToolShell: Uncovering Five Critical Vulnerabilities in Microsoft SharePoint
8 months 3 weeks ago
Security researchers from Kaspersky have detailed a sophisticated exploit chain dubbed “ToolShell,” actively targeting on-premise Microsoft SharePoint servers worldwide. The campaign, which began widespread exploitation leverages an unauthenticated remote code execution (RCE) chain involving CVE-2025-49704 and CVE-2025-49706, enabling attackers to seize full control of vulnerable systems. Alerts from various security firms and national CERTs highlight […]
The post ToolShell: Uncovering Five Critical Vulnerabilities in Microsoft SharePoint appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
12,6 лет в антарктическом льду: детектор IceCube не поймал ни одного "призрака Вселенной"
8 months 3 weeks ago
Призраки из глубин Вселенной снова ускользнули.
Ghost Students Drain Money, Resources From Educational Sector
8 months 3 weeks ago
The education sector is haunted by a significant fraud problem where fake students impersonate celebrities and employ other identity techniques to steal resources and money from legitimate students.
Arielle Waldman
WorldLeaks
8 months 3 weeks ago
You must login to view this content
cohenido
Endgame Gear mouse config tool infected users with malware
8 months 3 weeks ago
Gaming peripherals maker Endgame Gear is warning that malware was hidden in its configuration tool for the OP1w 4k v2 mouse hosted on the official website between June 26 and July 9, 2025. [...]
Bill Toulas
ROBINSON Falls Victim to Qilin Ransomware
8 months 3 weeks ago
ROBINSON Falls Victim to Qilin Ransomware
Dark Web Informer - Cyber Threat Intelligence