Aggregator

A vulnerability, which was classified as problematic, has been found in hooskcms 1.8. Affected by this issue is some unknown functionality. The manipulation of the argument title leads to cross site scripting. This vulnerability is handled as CVE-2025-25988. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as critical was found in FeMiner wms 1.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument date1/date2/id leads to sql injection. This vulnerability is known as CVE-2025-25994. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in hooskcms 1.7.1. Affected is an unknown function of the file /install/index.php. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-25990. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Kashipara Online Attendance Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file manage-employee.php. The manipulation of the argument department leads to cross site scripting. The identification of this vulnerability is CVE-2025-26158. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in IBM QRadar SIEM up to 7.5.0 UP11. It has been declared as problematic. This vulnerability affects unknown code of the component Web UI. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-56463. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in IXON IXrouter IX2400 3.0. It has been classified as critical. This affects an unknown part of the component UART/SSH. The manipulation leads to use of hard-coded password. This vulnerability is uniquely identified as CVE-2024-57790. It is possible to launch the attack on the physical device. There is no exploit available.

A vulnerability was found in CPython up to 3.13.x on Windows and classified as critical. Affected by this issue is some unknown functionality of the component File Extension Handler. The manipulation leads to untrusted search path. This vulnerability is handled as CVE-2024-3220. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in PHPGurukul Online Shopping Portal 2.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /shopping/track-orders.php of the component POST Request Parameter Handler. The manipulation of the argument orderid leads to sql injection. This vulnerability is known as CVE-2025-26156. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in SourceCodester Beauty Parlour Management System 1.1. Affected is an unknown function of the file /bpms/index.php of the component POST Request Parameter Handler. The manipulation of the argument name leads to sql injection. This vulnerability is traded as CVE-2025-26157. It is possible to launch the attack remotely. There is no exploit available.

A highly sophisticated cyber espionage group known as EarthKapre, also referred to as RedCurl, has been identified targeting private-sector organizations, particularly those in the Law Firms & Legal Services industry. The eSentire Threat Response Unit (TRU) uncovered the group’s recent activities in January 2025, revealing a complex attack chain designed for corporate espionage. Technical Analysis: […]

The post EarthKapre APT Drops Weaponized PDF to Compromise Windows Systems appeared first on Cyber Security News.

亚马逊宣布将从 2 月 26 日起关闭 Kindle 阅读器的 Download & Transfer via USB 功能。该功能被用于下载旧格式电子书破解 DRM。亚马逊 kindle 多年来使用了多种不同格式的电子书，从 AZW 到 KFX，每一种电子书使用了不同的 DRM，越新的越难以破解。以前用户可以通过 Download & Transfer via USB 下载容易破解 DRM 的 AZW3 格式电子书。现在亚马逊将堵上该漏洞。

A vulnerability, which was classified as critical, has been found in Orbe ONetView Roeador Onet-1200 Orbe 1680210096. This issue affects some unknown processing of the component Status Code Handler. The manipulation leads to improper privilege management. The identification of this vulnerability is CVE-2024-57778. The attack may be initiated remotely. There is no exploit available.

A Threat Actor Claims to be Selling a Chromium Extension and Loader

The notorious Lazarus Group in a recent escalation of cyber threats linked to North Korea, has unveiled a sophisticated new tactic to target developers worldwide. This campaign, dubbed “Operation Marstech Mayhem,” involves the deployment of an advanced malware implant known as “Marstech1.” The operation marks a significant evolution in the group’s supply chain attacks, leveraging […]

The post Lazarus Group Using New Malware Tactic To Attack Developers Globally appeared first on Cyber Security News.

Новый способ сбора доказательств в особо сложных делах.

A vulnerability classified as critical was found in D-Link DIR-853 A1 1.20B07. This vulnerability affects unknown code of the component SetQuickVPNSettings Module. The manipulation of the argument PSK leads to stack-based buffer overflow. This vulnerability was named CVE-2025-25740. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability classified as critical has been found in D-Link DIR-853 A1 1.20B07. This affects an unknown part of the component SetQuickVPNSettings Module. The manipulation of the argument Password leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-25745. The attack needs to be done within the local network. There is no exploit available.

A vulnerability was found in Arcadyan Livebox Fibra PRV3399B_B_LT. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /firstconnection.cgi of the component GPON Link Handler. The manipulation leads to denial of service. This vulnerability is handled as CVE-2024-57725. The attack may be launched remotely. There is no exploit available.