Aggregator

Submit #645341 / VDB-323072

Organizations are seeking assistance to fix critical vulnerabilities. Solutions that orchestrate and automate network device protection put us on the right path.

A massive data breach in early September 2025 attributed to a cyber actor known simply as “Kim” laid bare an unprecedented view into the operational playbook of Kimsuky (APT43). The leak, comprising terminal history files, phishing domains, OCR workflows, compiled stagers, and a full Linux rootkit, revealed a credential-centric campaign that targeted South Korean government […]

The post Exposed ‘Kim’ Dump Exposes Kimsuky Hackers New Tactics, Techniques, and Infrastructure appeared first on Cyber Security News.

Более 600 уязвимых NetScaler в Рунете.

SentinelOne has announced its intent to acquire Observo AI. The deal will serve as an immediate complement and catalyst to SentinelOne’s AI SIEM and data offerings, which are already amongst the company’s fastest growing solutions, delivering a record contribution to quarterly bookings in Q2 FY26. It will also help SentinelOne usher in a new era of open, intelligent, and autonomous security operations, reimagining how SOC teams collect, enrich, and act on data across their entire … More →

The post SentinelOne to acquire Observo AI, enhancing SIEM and security operations appeared first on Help Net Security.

Submit #645331 / VDB-321919

A vulnerability was found in code-projects Online Event Judging System 1.0. It has been classified as critical. Affected is an unknown function of the file /review_search.php. The manipulation of the argument txtsearch leads to sql injection. This vulnerability is traded as CVE-2025-10104. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in code-projects Online Event Judging System 1.0 and classified as critical. This impacts an unknown function of the file /home.php. Executing manipulation of the argument main_event can lead to sql injection. This vulnerability appears as CVE-2025-10103. The attack may be performed from remote. In addition, an exploit is available.

A vulnerability has been found in code-projects Online Event Judging System 1.0 and classified as critical. This affects an unknown function of the file /index.php. Performing manipulation of the argument Username results in sql injection. This vulnerability is reported as CVE-2025-10102. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability, which was classified as problematic, was found in OPSI up to 4.2. The impacted element is an unknown function of the component ProductPropertyState Handler. Such manipulation leads to state issue. This vulnerability is documented as CVE-2025-22956. The attack requires being on the local network. There is not any exploit available. You should upgrade the affected component.

Cisco Talos found that abuse of remote services and remote access software are the most prevalent ‘pre-ransomware’ tactics deployed by threat actors

Submit #645316 / VDB-323070

Submit #645298 / VDB-323069

Submit #645297 / VDB-323068

A vulnerability, which was classified as problematic, has been found in Multi-Purpose Inventory Management System Non-defining. The affected element is an unknown function of the file /Controller_Products/update of the component Query Handler. This manipulation of the argument product_name causes cross site scripting. This vulnerability is registered as CVE-2025-40641. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability classified as problematic was found in WebWork. Impacted is an unknown function of the file /search of the component Parameter Handler. The manipulation of the argument q/engine results in cross site scripting. This vulnerability is cataloged as CVE-2025-40642. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as critical has been found in Arm Bifrost GPU Kernel Driver, Valhall GPU Kernel Driver and 5th Gen GPU Architecture Kernel Driver. This issue affects some unknown processing. The manipulation leads to use after free. This vulnerability is listed as CVE-2025-3212. The attack must be carried out locally. There is no available exploit.

The "Gen Z protest" against Nepal's restrictions on 26 major social media platforms turned deadly as police clashed with demonstrators.

With WSUS deprecated, it's time to move from an outdated legacy patching system to a modern one. Learn from Action1 how its modern patching platform offers cloud-native speed, 3rd-party coverage, real-time compliance, and zero infrastructure. Try it free now! [...]

LunaLock, a newly surfaced ransomware strain, has launched a targeted campaign against independent artists and their clients, demanding a hefty ransom in exchange for stolen creative works and leaked personal data. Emerging in early September 2025, the LunaLock group claims responsibility for breaching Artists & Clients, a popular digital marketplace where illustrators connect with patrons […]

The post LunaLock Ransomware Attacking Artists to Steal and Encrypt Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.