Aggregator

CVE-2025-59390 | Apache Druid up to 34.0.0 Kerberos cryptographic issues (EUVD-2025-199714)

Vuldb Updates
3 weeks 4 days ago
A vulnerability, which was classified as problematic, was found in Apache Druid up to 34.0.0. This affects an unknown function of the component Kerberos. The manipulation results in cryptographic issues. This vulnerability is cataloged as CVE-2025-59390. The attack may be launched remotely. There is no exploit available. You should upgrade the affected component.
vuldb.com

CVE-2025-12061 | Tax Service Electronic HDM Plugin up to 1.2.0 on WordPress cross-site request forgery (EUVD-2025-199709)

Vuldb Updates
3 weeks 4 days ago
A vulnerability was found in Tax Service Electronic HDM Plugin up to 1.2.0 on WordPress and classified as problematic. Affected is an unknown function. Such manipulation leads to cross-site request forgery. This vulnerability is documented as CVE-2025-12061. The attack can be executed remotely. There is not any exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2025-62728 | Apache Hive up to 4.1.x HMS Thrift API sql injection (EUVD-2025-199715)

Vuldb Updates
3 weeks 4 days ago
A vulnerability was found in Apache Hive up to 4.1.x. It has been classified as critical. Affected by this vulnerability is an unknown functionality of the component HMS Thrift API. Performing manipulation results in sql injection. This vulnerability is reported as CVE-2025-62728. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.
vuldb.com

Gain Real-time Visibility to Future Proof Your Network for Autonomous Operations

Netscout
3 weeks 4 days ago
Research shows that networks are becoming progressively more autonomous in an effort to support efficiency and adaptability for advanced use cases. To continue the journey to full autonomous operations within the dynamic 5G ecosystem and beyond, networks need better data sources. High-fidelity curated data can provide...
Agnes Mends-Crentsil

FBI Warns of Fake Internet Crime Complaint Center (IC3) Website Used for Phishing Attacks

Cyber Security News
3 weeks 4 days ago

The Federal Bureau of Investigation (FBI) has issued urgent warnings about cybercriminals spoofing the official Internet Crime Complaint Center (IC3) website to conduct phishing attacks and steal sensitive personal information. These fake sites mimic the legitimate www.ic3.gov portal with near-perfect replicas, borrowing content, layouts, and visuals to deceive users into submitting names, addresses, phone numbers, […]

The post FBI Warns of Fake Internet Crime Complaint Center (IC3) Website Used for Phishing Attacks appeared first on Cyber Security News.

Guru Baran

Akira Ransomware Uses SonicWall VPN Exploit to Exfiltrate Sensitive Data

Cyber Security News
3 weeks 4 days ago

The Akira ransomware group has begun weaponizing vulnerabilities in SonicWall SSL VPN devices, turning merger-and-acquisition (M&A) processes into high-speed launchpads for cyberattacks. This trend exposes dangerous blind spots for businesses acquiring smaller companies, as inherited SonicWall devices often serve as easy entry points for attackers. How Akira Ransomware Targets M&A Environments During mergers and acquisitions, […]

The post Akira Ransomware Uses SonicWall VPN Exploit to Exfiltrate Sensitive Data appeared first on Cyber Security News.

Dhivya

Видео SOC Forum 2025: аппаратно защищенный бэкап на 50 лет

Securitylab.ru
3 weeks 4 days ago
Корпорация ЭЛАР показала новый подход по защите критически важных данных и созданию бэкапов последней надежды на Российской Неделе Кибербезопасности. В рамках SOC Forum впервые на российском рынке продемонстрированы системы хранения данных, рассчитанные на десятки лет аппаратно защищенного хранения.

Managed ad