Aggregator

Continuous Integration and Continuous Delivery/Deployment (CI/CD) refers to practices that automate how code is developed and released to different environments. CI/CD pipelines are fundamental in modern software development, ensuring code is consistently tested, built, and deployed quickly and efficiently. While CI/CD automation accelerates software delivery, it can also introduce security

A vulnerability classified as problematic was found in XiaoBingby TeaCMS 2.0.2. Affected by this vulnerability is an unknown functionality of the file src/main/java/me/teacms/controller/admin/UserManageController/addUser. The manipulation leads to cross-site request forgery. This vulnerability is known as CVE-2025-5033. The attack can be launched remotely. Furthermore, there is an exploit available.

近日，绿盟科技CERT监测到VMware发布安全公告，修复了VMware vCenter Server命令执行漏洞 (CVE-2025-41225）。CVSS评分8.8，请相关用户尽快采取措施进行防护。

A vulnerability classified as critical has been found in Campcodes Online Shopping Portal 1.0. Affected is an unknown function of the file /admin/edit-category.php. The manipulation of the argument Category leads to sql injection. This vulnerability is traded as CVE-2025-5032. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been rated as problematic. This issue affects some unknown processing of the component wxapkg File Decompression Handler. The manipulation leads to resource consumption. The identification of this vulnerability is CVE-2025-5031. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been declared as critical. This vulnerability affects the function processFile of the file internal/unpack/unpack.go of the component wxapkg File Parser. The manipulation leads to os command injection. This vulnerability was named CVE-2025-5030. The attack can be initiated remotely. Furthermore, there is an exploit available.

关键词网络攻击威斯康星州无线提供商Cellcom证实,网络攻击是导致2025年5月14日晚上开始的广泛服务中断

关键词网络安全移动安全研究机构Zimperium最新发布的研究报告揭示了iOS生态系统中一个日益严峻的安全问题

关键词网络安全5月20日，广州市公安局天河区分局发布通报，辖区一科技公司自助设备系统遭到境外黑客组织攻击。

Submit #580729 / VDB-309853

Experts tell CyberScoop that the U.S. telecom system is just too technologically fragmented to gather a clear picture of threats, and too big to ever fully eject all espionage efforts.

The post A house full of open windows: Why telecoms may never purge their networks of Salt Typhoon appeared first on CyberScoop.

The 19-year-old and his accomplices obtained key data for the extortion scheme in a 2022 breach of a US telco

Submit #580601 / VDB-309852

A vulnerability was found in Proget Konsola MDM up to 2.17.4. It has been classified as problematic. This affects an unknown part. The manipulation leads to incorrect authorization. This vulnerability is uniquely identified as CVE-2025-1415. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

Submit #580524 / VDB-309851

Submit #580526 / VDB-309850

近日，Goby安全研究团队发现Clash verge 两个RCE漏洞：4月28日，Clash verge RC

A vulnerability was found in VMware Spring Security up to 6.4.5 and classified as critical. Affected by this issue is some unknown functionality of the component Aspects. The manipulation leads to authorization bypass. This vulnerability is handled as CVE-2025-41232. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Security Operations Centers (SOCs) are under constant pressure to detect threats faster, respond more effectively, and reduce operational noise. Metrics like Mean Time to Detect (MTTD), Mean Time to Respond (MTTR), False Positive Rate (FPR), and True Positive Rate (TPR) are more than just numbers — they define the health and impact of a business […]

The post How SOC Teams Improve Mean Time to Detect and Other KPIs with Threat Intelligence Feeds appeared first on ANY.RUN's Cybersecurity Blog.