Aggregator

In late 2024, Kaspersky experts discovered a malicious campaign, called SparkCat, spreading malware to target crypto wallets. In March 2023, ESET found malware in modified versions of messengers using OCR to scan the victim’s gallery for images with recovery phrases to restore access to crypto wallets. In late 2024, Kaspersky discovered a new malicious campaign, […]

A previously undocumented threat actor known as Silent Lynx has been linked to cyber attacks targeting various entities in Kyrgyzstan and Turkmenistan. "This threat group has previously targeted entities around Eastern Europe and Central Asian government think tanks involved in economic decision making and banking sector," Seqrite Labs researcher Subhajeet Singha said in a technical report

A vulnerability was found in Webwasher Classic 2.2.1 and classified as critical. Affected by this issue is some unknown functionality of the component Access Restriction. The manipulation leads to Remote Code Execution. This vulnerability is handled as CVE-2005-0316. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Что движет современными лидерами?

A vulnerability, which was classified as problematic, was found in Wotlab Community Gallery 2.0. Affected is an unknown function of the file index.php/AJAXProxy of the component Proxy. The manipulation of the argument parameters[data][7][title] leads to cross site scripting. This vulnerability is traded as CVE-2015-2275. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Twilight Webserver 1.3.3.0. It has been classified as problematic. Affected is an unknown function of the component GET Request Handler. The manipulation leads to denial of service. This vulnerability is traded as CVE-2003-1318. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Best Practical Request Tracker up to 3.8.14 and classified as critical. This vulnerability affects unknown code of the file Approvals. The manipulation of the argument ShowPending leads to sql injection. This vulnerability was named CVE-2013-3525. The attack can be initiated remotely. Furthermore, there is an exploit available. The real existence of this vulnerability is still doubted at the moment.

In today’s challenging cyber threat landscape, having an effective Incident Response (IR) plan is essential. Discover how preparation and decisive action can help organizations minimize risks, maintain business continuity, and build resilience.

The post The Critical Importance of a Robust Incident Response Plan appeared first on Sygnia.

Veeam has released patches to address a critical security flaw impacting its Backup software that could allow an attacker to execute arbitrary code on susceptible systems. The vulnerability, tracked as CVE-2025-23114, carries a CVSS score of 9.0 out of 10.0. "A vulnerability within the Veeam Updater component that allows an attacker to utilize a Man-in-the-Middle attack to execute arbitrary code

A vulnerability was found in Oracle Retail Order Broker 5.1/5.2/15.0. It has been classified as problematic. This affects an unknown part of the component System Administration. The manipulation leads to open redirect. This vulnerability is uniquely identified as CVE-2018-11784. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Less than a month after its launch, DeepSeek has already shaken up the industry, caused NVidia’s stock to shed $600 billion, and sparked political controversy.   Now, the AI company is dealing with the consequences of major cyber attacks. As of February 5, DeepSeek is still having trouble letting new users join.   Let’s review the entire […]

The post Cyber Attacks on DeepSeek AI: What Really Happened? Full Timeline and Analysis appeared first on ANY.RUN's Cybersecurity Blog.

Хакеры наступают, а рынок труда лихорадит.

伪装成DeepSeek安装程序进行钓鱼攻击

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

• CVE-2024-53104 Linux Kernel Out-of-Bounds Write Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Explore our analysis into the eight vulnerabilities discovered in LogicalDOC DMS. Vulnerabilities include SQL injection, remote code execution, and XSS.

The post CyRC Advisory: Eight vulnerabilities discovered in LogicalDOC appeared first on Blog.

The post CyRC Advisory: Eight vulnerabilities discovered in LogicalDOC appeared first on Security Boulevard.

The report notes that the team has completed all experimental work on the physical evidence from the building’s structural elements.

A vulnerability has been found in Webminimalist Web Minimalist 200901 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2011-3861. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Broadcom Symantec Privileged Access Management up to 3.4.6/4.1.8/4.2.0. This affects an unknown part. The manipulation leads to Local Privilege Escalation. This vulnerability is uniquely identified as CVE-2025-24507. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability has been found in Spatie browsershot up to 5.0.4 and classified as critical. Affected by this vulnerability is the function Browsershot::html. The manipulation leads to path traversal: '../filedir'. This vulnerability is known as CVE-2025-1022. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.