Aggregator
BreachForums hacking forum operators reportedly arrested in France
2 months 2 weeks ago
The French police have reportedly arrested five operators of the BreachForums cybercrime forum, a website used by cybercriminals to leak and sell stolen data that exposed the sensitive information of millions. [...]
Bill Toulas
WordPress Motors theme vulnerability exploited at scale to hijack administrator accounts
2 months 2 weeks ago
安全客
The internet has become an X-ray for security agencies. It sees right through everyone
2 months 2 weeks ago
Upload a photo, get a dossier. When official data works against the system.
INC
2 months 2 weeks ago
cohenido
CVE-2007-3182 | Calendarix cal_footer.inc.php leftfooter cross site scripting (EDB-30232 / XFDB-35045)
2 months 2 weeks ago
A vulnerability was found in Calendarix. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file cal_footer.inc.php. The manipulation of the argument leftfooter leads to basic cross site scripting.
This vulnerability is known as CVE-2007-3182. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
Ransomware attack contributed to patient’s death, says Britain’s NHS
2 months 2 weeks ago
A cybercrime group's attack against a London-based pathology service last year was one of the "contributing factors" in the death of a patient, U.K. officials said.
CVE-2024-51982 | Printer Service Port 9100 FORMLINES improper validation of syntactic correctness of input (EUVD-2024-54702)
2 months 2 weeks ago
A vulnerability has been found in Brother Industries/FUJIFILM Business Innovation/RICOH Printer and classified as critical. Affected by this vulnerability is an unknown functionality of the component Service Port 9100. The manipulation of the argument FORMLINES leads to improper validation of syntactic correctness of input.
This vulnerability is known as CVE-2024-51982. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-51981 | Printer WS-Addressing server-side request forgery (EUVD-2024-54701)
2 months 2 weeks ago
A vulnerability was found in Brother Industries/FUJIFILM Business Innovation/RICOH/Toshiba Tec Printer. It has been declared as critical. This vulnerability affects unknown code of the component WS-Addressing. The manipulation leads to server-side request forgery.
This vulnerability was named CVE-2024-51981. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2024-51980 | Printer Web Service server-side request forgery (EUVD-2024-54700)
2 months 2 weeks ago
A vulnerability was found in Brother Industries/FUJIFILM Business Innovation/RICOH/Toshiba Tec Printer. It has been classified as critical. This affects an unknown part of the component Web Service. The manipulation leads to server-side request forgery.
This vulnerability is uniquely identified as CVE-2024-51980. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-51979 | Printer HTTP Service/HTTPS Service/IPP Service Origin header stack-based overflow (EUVD-2024-54699)
2 months 2 weeks ago
A vulnerability was found in Brother Industries/FUJIFILM Business Innovation/RICOH Printer. It has been rated as critical. This issue affects some unknown processing of the component HTTP Service/HTTPS Service/IPP Service. The manipulation of the argument Origin header leads to stack-based buffer overflow.
The identification of this vulnerability is CVE-2024-51979. The attack may be initiated remotely. There is no exploit available.
vuldb.com
Threat actor allegedly selling FortiGate API exploit tool targeting FortiOS
2 months 2 weeks ago
安全客
360 Security Agent selected as an "Outstanding Solution", setting a new benchmark for large-model empowerment of industry
2 months 2 weeks ago
安全客
CVE-2025-6431 | Mozilla Firefox up to 139 on Android Link improper authorization (EUVD-2025-19087)
2 months 2 weeks ago
A vulnerability was found in Mozilla Firefox up to 139 on Android. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Link Handler. The manipulation leads to improper authorization.
This vulnerability is known as CVE-2025-6431. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Glasgow City Council impacted by ‘cyber incident’
2 months 2 weeks ago
The Glasgow City Council announced that it was affected by an incident “disrupting a number of online services and which may have involved the theft of customer data.”
New ‘CitrixBleed2’ NetScaler ADC and Gateway Vulnerability Actively Exploited in the Wild
2 months 2 weeks ago
A critical memory overflow vulnerability in NetScaler ADC and Gateway products could enable denial-of-service attacks. Exploits of this vulnerability have already been observed in the wild. The vulnerability, tracked as CVE-2025-6543, carries a CVSS v4.0 base score of 9.2, classifying it as critical severity. This memory overflow flaw stems from improper restriction of operations within […]
The post New ‘CitrixBleed2’ NetScaler ADC and Gateway Vulnerability Actively Exploited in the Wild appeared first on Cyber Security News.
Guru Baran
CVE-2025-45754 | SeedDMS 6.0.32 Document Name cross site scripting (EUVD-2025-16038)
2 months 2 weeks ago
A vulnerability classified as problematic has been found in SeedDMS 6.0.32. This affects an unknown part of the component Document Name Handler. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2025-45754. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
Clearspeed Raises $60M to Scale AI Voice-Based Risk Platform
2 months 2 weeks ago
Voice Analytics Firm to Expand Footprint in Finance, Defense and Insurance
Clearspeed will use its $60 million raise to build out teams and technology as it scales its AI-powered voice screening platform across finance, insurance and security sectors. CEO Alex Martin said the firm aims to double revenue and push into conservative sectors seeking AI-powered trust solutions.
nOAuth Lives on in Cloud App Logins Using Entra ID
2 months 2 weeks ago
Hackers Can Use Unverified Email to Log onto SaaS Apps With Entra ID
A flaw in a Microsoft single sign-on feature allowing cloud app account takeovers discovered in 2023 never really went away, say researchers - notwithstanding a computing giant's claim that it almost immediately fixed the vulnerability known as nOAuth.
AI or Data Governance? Gartner Says You Need Both
2 months 2 weeks ago
Gartner Says Leaders Should Balance AI Innovation With Strong Data Governance
As AI adoption grows, Gartner warns that data governance, not technology, is the top hurdle. At the Mumbai summit, Gartner analysts said data and analytics leaders should shift from fear to trust, align with business goals and scale AI through practical governance.