Submit #734271: MineAdmin MineAdmin Enterprise Backend Management System MineAdmin v1.x MineAdmin v2.x Swagger Information Leakage Vulnerability [Accepted]
Submit #734271 / VDB-341779
Aggregator
Submit #734270: MineAdmin MineAdmin Enterprise Backend Management System MineAdmin v1.x MineAdmin v2.x Logical flaw and vulnerability [Accepted]
5 months ago
Submit #734270 / VDB-341778
sourbyte
How we mitigated a vulnerability in Cloudflare’s ACME validation logic
5 months ago
A vulnerability was recently identified in Cloudflare’s automation of certificate validation. Here we explain the vulnerability and outline the steps we’ve taken to mitigate it.
Hrushikesh Deshpande
CVE-2026-1192 | Tosei Online Store Management System ネット店舗管理システム imode_alldata.php command injection
5 months ago
A vulnerability categorized as critical has been discovered in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imode_alldata.php. Executing a manipulation of the argument DevId can lead to command injection.
This vulnerability is handled as CVE-2026-1192. The attack can be executed remotely. Additionally, an exploit exists.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com
Submit #734205: Tosei Tosei Online Store Management System ネット店舗管理システム 1.01 Command Injection [Accepted]
5 months ago
Submit #734205 / VDB-341777
Yiding
Iranian state TV feed reportedly hijacked to air anti-regime messages
5 months ago
About 10 minutes of unauthorized video aired on Iranian state television over the weekend, according to multiple reports.
Oxfam 报告称全球财富不平等创新高
5 months ago
乐施会(Oxfam)发表年度报告《Resisting the Rule of the Rich》,称全球财富不平等在加速。2025 年亿万富翁的财富激增 2.5 万亿美元,几乎相当于全球半数人口(约 41 亿人)的财富总和。全球亿万富翁人数首次突破 3000 人,世界首富马斯克(Elon Musk)的财富也首次突破 5000 亿美元。报告警告,超级富豪正形成新的寡头政治,他们利用巨额财富收买政治、媒体和司法以维护自身财富,瓦解和摧毁进步政策,剥夺我们的基本公民权利和政治权利。报告举例说,贝佐斯收购《华盛顿邮报》,马斯克收购 Twitter/X,黄馨祥(Patrick Soon-Shion)控制《洛杉矶时报》,法国极右翼亿万富翁 Vincent Bollore 拥有 CNews。乐施会呼吁全世界人民联合起来捍卫自身权利,争取一个取代不平等和寡头政治的替代方案。
Доступ ко всему серверу в один клик. Уязвимость в Livewire Filemanager ставит под удар тысячи проектов
5 months ago
В популярном файловом менеджере для PHP-фреймворка нашли способ обхода авторизации.
Google Gemini AI Tricked Into Leaking Calendar Data via Meeting Invites
5 months ago
Cybersecurity researchers at Miggo Security found a flaw in Google Gemini that uses calendar invites to steal private data. Learn how this silent attack bypasses security.
Deeba Ahmed
CVE-2026-1051 | Newsletter Plugin up to 9.1.0 on WordPress hook_newsletter_action cross-site request forgery
5 months ago
A vulnerability was found in Newsletter Plugin up to 9.1.0 on WordPress. It has been rated as problematic. Impacted is the function hook_newsletter_action. Performing a manipulation results in cross-site request forgery.
This vulnerability is known as CVE-2026-1051. Remote exploitation of the attack is possible. No exploit is available.
vuldb.com
CVE-2025-15466 | Image Photo Gallery Final Tiles Grid Plugin up to 3.6.9 on WordPress authorization
5 months ago
A vulnerability was found in Image Photo Gallery Final Tiles Grid Plugin up to 3.6.9 on WordPress. It has been declared as critical. This issue affects some unknown processing. Such manipulation leads to missing authorization.
This vulnerability is traded as CVE-2025-15466. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2026-1181 | Altium 365 up to 4.4.5 Post cross site scripting
5 months ago
A vulnerability was found in Altium 365 up to 4.4.5. It has been classified as problematic. This vulnerability affects unknown code of the component Post Handler. This manipulation causes cross site scripting.
This vulnerability appears as CVE-2026-1181. The attack may be initiated remotely. There is no available exploit.
vuldb.com
Ingram Micro says ransomware attack affected 42,000 people
5 months ago
Information technology giant Ingram Micro has revealed that a ransomware attack on its systems in July 2025 led to a data breach affecting over 42,000 individuals. [...]
Sergiu Gatlan
从开赌场到盗窃 网安工程师涉案罪名三改
5 months ago
Free Converter Apps that Convert your Clean System to Infected in Seconds
5 months ago
Malicious file converter applications distributed through deceptive advertisements are infecting thousands of systems with persistent remote access trojans (RATs). These seemingly legitimate productivity tools perform their advertised functions while secretly installing backdoors that give attackers continuous access to victim computers. Nextron Systems found that the infection chain typically begins with malicious Google advertisements placed on […]
The post Free Converter Apps that Convert your Clean System to Infected in Seconds appeared first on Cyber Security News.
Guru Baran
⚡ Weekly Recap: Fortinet Exploits, RedLine Clipjack, NTLM Crack, Copilot Attack & More
5 months ago
In cybersecurity, the line between a normal update and a serious incident keeps getting thinner. Systems that once felt reliable are now under pressure from constant change. New AI tools, connected devices, and automated systems quietly create more ways in, often faster than security teams can react. This week’s stories show how easily a small mistake or hidden service can turn into a real
The Hacker News
Сначала гаснет свет, потом прилетает спецназ. Пентагон протестировал в Каракасе модель гибридной войны будущего
5 months ago
Рассказываем, как одна кнопка помогла полностью обезглавить целое государство.
G.O.S.S.I.P 阅读推荐 2026-01-19 LibSig
5 months ago
到底是CGO论文质量下滑,还是巴西科研水平尚未和世界接轨呢?
Ukraine Police Exposed Russian Hacker Group Specializes in Ransomware Attack
5 months ago
Ukrainian and German law enforcement have disrupted a Russian‑affiliated hacker group that has been carrying out high‑impact ransomware attacks against organizations worldwide, causing losses estimated in the hundreds of millions of euros. According to Ukraine’s Cyber Police and the Main Investigation Department of the National Police, working under the guidance of the Cyber Department of […]
The post Ukraine Police Exposed Russian Hacker Group Specializes in Ransomware Attack appeared first on Cyber Security News.
Abinaya
Nitrogen
5 months ago
You must login to view this content
cohenido