Aggregator

A vulnerability identified as critical has been detected in itsourcecode Apartment Management System 1.0. Affected is an unknown function of the file /setting/year_setup.php. Performing manipulation of the argument txtXYear results in sql injection. This vulnerability is identified as CVE-2025-9598. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability categorized as critical has been discovered in itsourcecode Apartment Management System 1.0. This impacts an unknown function of the file /o_dashboard/rented_all_info.php. Such manipulation of the argument uid leads to sql injection. This vulnerability is referenced as CVE-2025-9597. It is possible to launch the attack remotely. Furthermore, an exploit is available.

Submit #636383 / VDB-321778

Cisco has issued a High-severity security advisory alerting customers to a critical vulnerability in the Intermediate System-to-Intermediate System (IS-IS) feature of NX-OS Software for Cisco Nexus 3000 and 9000 Series switches.  Tracked as CVE-2025-20241 with a CVSS base score of 7.4, the flaw could allow an unauthenticated, Layer 2-adjacent attacker to send a malformed IS-IS […]

The post Cisco Nexus 3000 and 9000 Series Vulnerability Let Attackers Trigger DoS Attack appeared first on Cyber Security News.

A vulnerability was found in itsourcecode Sports Management System 1.0. It has been rated as critical. This affects an unknown function of the file /login.php. This manipulation of the argument User causes sql injection. The identification of this vulnerability is CVE-2025-9596. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Anthropic показала, как ИИ стал соучастником преступлений.

MathWorks, a leading developer of mathematical simulation and computing software, revealed that a ransomware gang stole the data of over 10,000 people after breaching its network in April. [...]

Creators, Authors and Presenters: Danny Lazarev, Erez Harush

Our deep appreciation to Security BSides - San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s events held at the lauded CityView / AMC Metreon - certainly a venue like no other; and via the organization's YouTube channel.

Additionally, the organization is welcoming volunteers for the BSidesSF Volunteer Force, as well as their Program Team & Operations roles. See their succinct BSidesSF 'Work With Us' page, in which, the appropriate information is to be had!

Permalink

The post BSidesSF 2025: Enhancing Secret Detection In Cybersecurity With Small LMs appeared first on Security Boulevard.

Fake IT support lures are being used to trick employees into installing remote‑access tools via Microsoft Teams

Submit #636370 / VDB-321775

Submit #636369 / VDB-321774

A vulnerability was found in code-projects Student Information Management System 1.0. It has been declared as problematic. The impacted element is an unknown function of the file /login.php. The manipulation of the argument uname results in cross site scripting. This vulnerability was named CVE-2025-9595. The attack may be performed from a remote location. In addition, an exploit is available.

Submit #636365 / VDB-321773

Submit #636364 / VDB-321772

Submit #636363 / VDB-321771

A vulnerability was found in itsourcecode Apartment Management System 1.0. It has been classified as critical. The affected element is an unknown function of the file /report/complain_info.php. The manipulation of the argument vid leads to sql injection. This vulnerability is uniquely identified as CVE-2025-9594. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability was found in itsourcecode Apartment Management System 1.0 and classified as critical. Impacted is an unknown function of the file /report/unit_status_info.php. Executing manipulation of the argument usid can lead to sql injection. This vulnerability is handled as CVE-2025-9593. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability has been found in itsourcecode Apartment Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /report/bill_info.php. Performing manipulation of the argument vid results in sql injection. This vulnerability is known as CVE-2025-9592. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

Farmers Insurance Exchange and its subsidiaries recently disclosed a significant security incident that compromised personal information of approximately 1.1 million customers through an unauthorized access to a third-party vendor’s database. The breach, which occurred on May 29, 2025, represents one of the largest insurance industry data exposures of the year, affecting customer records containing names, […]

The post Farmers Insurance Cyber Attack – 1.1 Million Customers Data Exposed in Salesforce Attack appeared first on Cyber Security News.

Submit #636362 / VDB-321770