Aggregator

Phishing campaign unveiled MostereRAT, targeting Windows systems with advanced evasion techniques

Submit #645503 / VDB-323083

Security researchers first observed LunaLock in early September 2025, a sophisticated ransomware strain targeting independent illustrators and digital artists. Leveraging compromised credentials and social engineering, the group behind LunaLock has zeroed in on a niche marketplace—Artists & Clients—where freelance creators exchange custom commissions. Initial intrusion involved spear-phishing campaigns disguised as royalty notifications, enticing victims to […]

The post LunaLock Ransomware Attacking Artists to Steal and Encrypt Data appeared first on Cyber Security News.

A vulnerability, which was classified as critical, has been found in SourceCodester Simple Forum Discussion System 1.0. This impacts an unknown function of the file /admin_class.php?action=login. Performing manipulation of the argument Username results in sql injection. This vulnerability is cataloged as CVE-2025-10100. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The pro-Russian hacker group NoName057(16) is making headlines again. Between the end of July and the beginning of August 2025, the public websites of several German cities, including Trier, Mainz, Ludwigshafen, and Koblenz, were the target of coordinated DDoS attacks. These incidents highlight the growing threat posed by politically motivated cyberattacks in the context of […]

The post NoName057(16): Pro-Russian hacker group attacks German cities with DDoS attacks appeared first on Link11.

A vulnerability classified as critical was found in itsourcecode Student Information Management System 1.0. This affects an unknown function of the file /admin/modules/room/index.php. Such manipulation of the argument ID leads to sql injection. This vulnerability is listed as CVE-2025-10113. The attack may be performed from remote. In addition, an exploit is available.

A vulnerability classified as critical has been found in itsourcecode Student Information Management System 1.0. The impacted element is an unknown function of the file /admin/modules/department/index.php. This manipulation of the argument ID causes sql injection. This vulnerability is tracked as CVE-2025-10112. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability described as critical has been identified in itsourcecode Student Information Management System 1.0. The affected element is an unknown function of the file /admin/modules/instructor/index.php. The manipulation of the argument ID results in sql injection. This vulnerability is identified as CVE-2025-10111. The attack can be executed remotely. Additionally, an exploit exists.

Submit #645389 / VDB-323080

A vulnerability marked as critical has been reported in ChanCMS up to 3.3.1. Impacted is an unknown function of the file /search/. The manipulation with the input '%20or%201=1%20%23/words.html leads to sql injection. This vulnerability is referenced as CVE-2025-10110. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

Key Takeaways Private Threat Briefs: 20+ private DFIR reports annually. Contact us today for pricing or a demo! Table of Contents: Case Summary Analysts Initial Access Execution Persistence Privilege Escalation Defense Evasion Credential Access Discovery Lateral Movement Collection Command and Control Exfiltration Impact Timeline Diamond Model Indicators Detections MITRE ATT&CK Case Summary The intrusion began in […]

The post Blurring the Lines: Intrusion Shows Connection With Three Major Ransomware Gangs appeared first on The DFIR Report.

Submit #645388 / VDB-323079

Submit #645387 / VDB-323078

Submit #645386 / VDB-323077

A vulnerability labeled as critical has been found in Campcodes Online Loan Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=delete_payment. Executing manipulation of the argument ID can lead to sql injection. The identification of this vulnerability is CVE-2025-10109. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability identified as critical has been detected in Campcodes Online Loan Management System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=delete_loan. Performing manipulation of the argument ID results in sql injection. This vulnerability was named CVE-2025-10108. The attack may be initiated remotely. In addition, an exploit is available.

Submit #645383 / VDB-323076

本文提出了一种名为 GlareShell 的创新性PHP Webshell检测框架，该框架基于图学习技术，融合了语义嵌入、风险权重分配和图神经网络分类三重机制。