Aggregator

Hackers Compromise Discord Invite to Inject Malicious Links Delivering AsyncRAT

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
2 months 3 weeks ago

Threat actors have exploited Discord’s invite system to distribute malicious links, ultimately delivering AsyncRAT and other harmful payloads. Discord, a widely trusted platform for gamers, developers, and communities, has become a target for cybercriminals who abuse its infrastructure particularly the invite link and content delivery features to orchestrate phishing schemes and malware infections. This campaign, […]

The post Hackers Compromise Discord Invite to Inject Malicious Links Delivering AsyncRAT appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

CVE-2006-5770 | ac4p ac4p Mobile index.php pagenav cross site scripting (EDB-28905 / XFDB-30007)

Vuldb Updates
2 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in ac4p ac4p Mobile. This issue affects some unknown processing of the file index.php. The manipulation of the argument pagenav leads to basic cross site scripting. The identification of this vulnerability is CVE-2006-5770. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6114 | D-Link DIR-619L 2.06B01 form_portforwarding ingress_name_%d/sched_name_%d/name_%d stack-based overflow (EUVD-2025-18370)

Vuldb Updates
2 months 3 weeks ago
A vulnerability has been found in D-Link DIR-619L 2.06B01 and classified as critical. Affected by this vulnerability is the function form_portforwarding of the file /goform/form_portforwarding. The manipulation of the argument ingress_name_%d/sched_name_%d/name_%d leads to stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is known as CVE-2025-6114. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com

GrayAlpha Hackers Group Exploits Browser Updates to Deploy PowerNet Loader and NetSupport RAT

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
2 months 3 weeks ago

A new infrastructure linked to GrayAlpha, a cybercriminal entity overlapping with the notorious FIN7 group, has been exposed. This financially motivated threat actor, active since at least 2013, is known for its sophisticated attacks targeting retail, hospitality, and financial sectors. Custom Malware Uncovered The latest findings reveal GrayAlpha’s use of custom malware, including a PowerShell […]

The post GrayAlpha Hackers Group Exploits Browser Updates to Deploy PowerNet Loader and NetSupport RAT appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

CVE-2024-35133 | IBM Security Verify Access up to 10.0.8 OIDC Provider redirect (EDB-52123 / XFDB-291026)

Vuldb Updates
2 months 3 weeks ago
A vulnerability has been found in IBM Security Verify Access and Security Verify Access Docker up to 10.0.8 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component OIDC Provider Handler. The manipulation leads to open redirect. This vulnerability is known as CVE-2024-35133. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

观点 | 推动公共数据按需有序安全流动

中国信息安全
2 months 3 weeks ago
近年来在数据要素登记确权和数据要素产业化方面已取得了一批富有成效的场景化应用。但从全国整体来看,数据要素开发利用与高质量发展要求相比,数据确权与基础制度有待完善,数据流通与交易机制不畅,隐私保护与安全风险突出,应用场景与价值释放受限。

Managed ad