Aggregator

CVE-2024-49342 | IBM Informix Dynamic Server 12.10/14.10 Setting excessive authentication

1 month 3 weeks ago

A vulnerability was found in IBM Informix Dynamic Server 12.10/14.10 and classified as problematic. Affected by this issue is some unknown functionality of the component Setting Handler. The manipulation leads to improper restriction of excessive authentication attempts. This vulnerability is handled as CVE-2024-49342. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-49343 | IBM Informix Dynamic Server 12.10/14.10 cross site scripting

VulDB Recent Entries

1 month 3 weeks ago

A vulnerability has been found in IBM Informix Dynamic Server 12.10/14.10 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to basic cross site scripting. This vulnerability is known as CVE-2024-49343. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

Exploit available for critical Cisco ISE bug exploited in attacks

Bleeping Computer.

1 month 3 weeks ago

Security researcher Bobby Gould has published a blog post demonstrating a complete exploit chain for CVE-2025-20281, an unauthenticated remote code execution vulnerability in Cisco Identity Services Engine (ISE). [...]

Bill Toulas

Hippie OSINT Toolkit (HOT): An OSINT toolkit providing informations on techniques and simple tools packaged in a nice responsive UI

Dark Web Informer - Cyber Threat Intelligence

1 month 3 weeks ago

Hippie OSINT Toolkit (HOT): An OSINT toolkit providing informations on techniques and simple tools packaged in a nice responsive UI

Dark Web Informer - Cyber Threat Intelligence

The Month of AI Bugs 2025

Embrace The Red

1 month 3 weeks ago

This year I spent a lot of time reviewing, exploiting and working with vendors to fix vulnerabilities in agentic AI systems. As a result, I’m excited to announce the Month of AI Bugs 2025! Goal Of The Initiative The main purpose of the Month of AI Bugs is to raise awareness about novel security vulnerabilities in agentic systems, primarily focusing on AI coding agents. Posts will cover both simple and advanced, sometimes even mind-boggling exploits.

New SHUYAL Attacking 19 Popular Browsers to Steal Login Credentials

Cyber Security News

1 month 3 weeks ago

A sophisticated new information stealer named SHUYAL has emerged in the cybersecurity landscape, demonstrating unprecedented scope in its credential harvesting capabilities. The malware targets login credentials from 19 different web browsers, ranging from mainstream applications like Google Chrome and Microsoft Edge to privacy-focused browsers such as Tor and Epic. This comprehensive approach makes SHUYAL particularly […]

The post New SHUYAL Attacking 19 Popular Browsers to Steal Login Credentials appeared first on Cyber Security News.

Tushar Subhra Dutta

GitHub security advisory (AV25-460)

CCCS - Alerts and advisories

1 month 3 weeks ago

Canadian Centre for Cyber Security

Senator presses Musk on Starlink ‘misuse’ by Southeast Asian scammers

The Record

1 month 3 weeks ago

Democrat Maggie Hassan says Starlink should acknowledge the use of its satellite internet tech for scams originating in Southeast Asia and do more to explain its response.

Raven Stealer Malware Exploits Telegram to Steal Logins, Payment Data, and Autofill Info

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

1 month 3 weeks ago

Raven Stealer has emerged as sophisticated, lightweight information-stealing malware crafted in Delphi and C++, targeting Windows systems with a focus on extracting sensitive data like logins, payment details, and autofill information from Chromium-based browsers such as Chrome and Edge. First spotted on GitHub on July 15, 2025, this malware operates with high stealth, requiring minimal […]

The post Raven Stealer Malware Exploits Telegram to Steal Logins, Payment Data, and Autofill Info appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

CVE-2023-2533 | Papercut MF/NG 22.0.10 cross-site request forgery (EUVD-2023-34012)

Vuldb Updates

1 month 3 weeks ago

A vulnerability has been found in Papercut MF and NG 22.0.10 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2023-2533. The attack can be initiated remotely. Furthermore, there is an exploit available.

vuldb.com

Dropzone AI Gets $37M to Build Out Cyber AI Agent Ecosystem

DataBreachToday.com

1 month 3 weeks ago

Startup Targets Next-Gen Security Opportunities Beyond Autonomous SOC Agents
Dropzone AI raised $37 million to scale its flagship AI SOC analyst and build new agentic AI tools for cybersecurity operations. CEO Edward Wu says the funding supports demand surges as enterprises shift toward human-augmenting AI to handle alert fatigue and security tool sprawl.

Russia's Flag Carrier Cancels Flights After Hack Attack

DataBreachToday.com

1 month 3 weeks ago

Aeroflot Hit With Wiper Malware, Claim Pro-Ukrainian Hackers From Belarus
Russia's largest airline, Aeroflot, canceled dozens of flights on Monday and delayed more due to an IT disruption. Two pro-Ukrainian hacking groups from Belarus claimed to have wiped stolen extensive customer data before wiping 7,000 physical and virtual servers used by the airline.

CISA flags PaperCut RCE bug as exploited in attacks, patch now

Bleeping Computer.

1 month 3 weeks ago

CISA warns that threat actors are exploiting a high-severity vulnerability in PaperCut NG/MF print management software, which can allow them to gain remote code execution in cross-site request forgery (CSRF) attacks. [...]

Sergiu Gatlan