Aggregator

CVE-2025-46777 | Fortinet FortiPortal up to 7.0.9/7.2.5/7.4.0 log file (FG-IR-24-380)

VulDB Recent Entries
10 months 3 weeks ago
A vulnerability, which was classified as problematic, was found in Fortinet FortiPortal up to 7.0.9/7.2.5/7.4.0. This affects an unknown part. The manipulation leads to sensitive information in log files. This vulnerability is uniquely identified as CVE-2025-46777. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-24473 | Fortinet FortiClientWindows up to 7.2.1 exposure of sensitive system information to an unauthorized control sphere (FG-IR-24-548)

VulDB Recent Entries
10 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in Fortinet FortiClientWindows up to 7.2.1. Affected by this issue is some unknown functionality. The manipulation leads to exposure of sensitive system information to an unauthorized control sphere. This vulnerability is handled as CVE-2025-24473. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-47295 | Fortinet FortiOS up to 6.4.16/7.0.14/7.2.7/7.4.3 FGFM Daemon buffer over-read (FG-IR-24-381)

VulDB Recent Entries
10 months 3 weeks ago
A vulnerability classified as problematic was found in Fortinet FortiOS up to 6.4.16/7.0.14/7.2.7/7.4.3. Affected by this vulnerability is an unknown functionality of the component FGFM Daemon. The manipulation leads to buffer over-read. This vulnerability is known as CVE-2025-47295. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-47294 | Fortinet FortiOS up to 6.4.16/7.0.14/7.2.7 csfd Daemon integer overflow (FG-IR-24-388)

VulDB Recent Entries
10 months 3 weeks ago
A vulnerability classified as problematic has been found in Fortinet FortiOS up to 6.4.16/7.0.14/7.2.7. Affected is an unknown function of the component csfd Daemon. The manipulation leads to integer overflow. This vulnerability is traded as CVE-2025-47294. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-4009 | Evertz SVDN 3080ipx-10G Web Management Interface command injection

VulDB Recent Entries
10 months 3 weeks ago
A vulnerability was found in Evertz SVDN 3080ipx-10G, MViP-II, cVIP, 7890IXG, CC Access Server and 5782XPS-APP-4E. It has been rated as very critical. This issue affects some unknown processing of the component Web Management Interface. The manipulation leads to command injection. The identification of this vulnerability is CVE-2025-4009. The attack may be initiated remotely. There is no exploit available.
vuldb.com

How 'Browser-in-the-Middle' Attacks Steal Sessions in Seconds

The Hackers News
10 months 3 weeks ago
Would you expect an end user to log on to a cybercriminal’s computer, open their browser, and type in their usernames and passwords? Hopefully not! But that’s essentially what happens if they fall victim to a Browser-in-the-Middle (BitM) attack. Like Man-in-the-Middle (MitM) attacks, BiTM sees criminals look to control the data flow between the victim’s computer and the target service, as
The Hacker News

251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch

The Hackers News
10 months 3 weeks ago
Cybersecurity researchers have disclosed details of a coordinated cloud-based scanning activity that targeted 75 distinct "exposure points" earlier this month. The activity, observed by GreyNoise on May 8, 2025, involved as many as 251 malicious IP addresses that are all geolocated to Japan and hosted by Amazon. "These IPs triggered 75 distinct behaviors, including CVE exploits,
The Hacker News

Crooks use a fake antivirus site to spread Venom RAT and a mix of malware

Security Affairs
10 months 3 weeks ago
Researchers found a fake Bitdefender site spreading the Venom RAT by tricking users into downloading it as antivirus software. DomainTools Intelligence (DTI) researchers warn of a malicious campaign using a fake website (“bitdefender-download[.]com”) spoofing Bitdefender’s Antivirus for Windows download page to trick visitors into downloading a remote access trojan called Venom RAT. “A malicious campaign […]
Pierluigi Paganini

MATLAB, Serving Over 5 Million Users, Hit by Ransomware Attack

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
10 months 3 weeks ago

MathWorks, the renowned developer of MATLAB and Simulink, has been grappling with the aftermath of a significant ransomware attack that began on Sunday, May 18, 2025. The incident, which affected both customer-facing and internal IT systems, prompted immediate notification to federal law enforcement and the mobilization of cybersecurity experts. As of May 27, many services […]

The post MATLAB, Serving Over 5 Million Users, Hit by Ransomware Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Anupriya

Managed ad