Aggregator

CVE-2025-8153 | NEC UNIVERGE IX/UNIVERGE IX-R/UNIVERGE IX-V cross site scripting (EUVD-2025-29671 / CNNVD-202509-2833)

4 months 3 weeks ago

A vulnerability described as problematic has been identified in NEC UNIVERGE IX, UNIVERGE IX-R and UNIVERGE IX-V. This vulnerability affects unknown code. Such manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-8153. The attack can be launched remotely. No exploit exists.

vuldb.com

CVE-2025-8394 | Productive Style Plugin up to 1.1.23 on WordPress Shortcode display_productive_breadcrumb cross site scripting (EUVD-2025-29677 / CNNVD-202509-2832)

Vuldb Updates

4 months 3 weeks ago

A vulnerability, which was classified as problematic, was found in Productive Style Plugin up to 1.1.23 on WordPress. Affected by this issue is the function display_productive_breadcrumb of the component Shortcode Handler. Such manipulation leads to cross site scripting. This vulnerability is listed as CVE-2025-8394. The attack may be performed from remote. There is no available exploit.

vuldb.com

CVE-2025-10143 | Catch Dark Mode Plugin up to 2.0 on WordPress Shortcode catch_dark_mode file inclusion (EUVD-2025-29676 / CNNVD-202509-2835)

Vuldb Updates

4 months 3 weeks ago

A vulnerability categorized as critical has been discovered in Catch Dark Mode Plugin up to 2.0 on WordPress. This issue affects the function catch_dark_mode of the component Shortcode Handler. The manipulation results in file inclusion. This vulnerability is known as CVE-2025-10143. It is possible to launch the attack remotely. No exploit is available.

vuldb.com

CVE-2025-10166 | tw2113 Social Media Shortcodes Plugin up to 1.3.1 on WordPress Shortcode cross site scripting (EUVD-2025-29678 / CNNVD-202509-2834)

Vuldb Updates

4 months 3 weeks ago

A vulnerability was found in tw2113 Social Media Shortcodes Plugin up to 1.3.1 on WordPress. It has been classified as problematic. This issue affects the function Media of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is documented as CVE-2025-10166. The attack can be initiated remotely. There is not any exploit available.

vuldb.com

CVE-2025-10050 | Developer Loggers for Simple History Plugin up to 0.5 on WordPress enabled_loggers file inclusion (EUVD-2025-29674 / CNNVD-202509-2836)

Vuldb Updates

4 months 3 weeks ago

A vulnerability classified as problematic has been found in Developer Loggers for Simple History Plugin up to 0.5 on WordPress. This impacts an unknown function. The manipulation of the argument enabled_loggers leads to file inclusion. This vulnerability is referenced as CVE-2025-10050. Remote exploitation of the attack is possible. No exploit is available.

vuldb.com

0-Click ChatGPT Agent Vulnerability Allows Sensitive Data Exfiltration from Gmail

Cyber Security News

4 months 3 weeks ago

A zero-click vulnerability discovered in ChatGPT’s Deep Research agent allowed attackers to exfiltrate sensitive data from a user’s Gmail account without any user interaction. The flaw, which OpenAI has since patched, leveraged a sophisticated form of indirect prompt injection hidden within an email, tricking the agent into leaking personal information directly from OpenAI’s cloud infrastructure. […]

The post 0-Click ChatGPT Agent Vulnerability Allows Sensitive Data Exfiltration from Gmail appeared first on Cyber Security News.

Guru Baran

Harold Liebregs aan het roer bij Koninklijke Marine in grimmige tijden

Defensie.nl - Nieuwsberichten

4 months 3 weeks ago

Viceadmiraal Harold Liebregs is sinds vanmiddag Commandant Zeestrijdkrachten en Admiraal Benelux. Op de marinebasis in Den Helder nam hij het bevel over de Koninklijke Marine over van ranggenoot René Tas. Op de valreep van zijn vertrek deed hij nog pittige uitspraken.

Установил VPN и лайкнул запрещенку — получи 25 лет тюрьмы. Оруэлл недооценил фантазию законодателей

Securitylab.ru

4 months 3 weeks ago

Грань между нормой и запретом становится тоньше, чем когда-либо.

CVE-2022-50301 | Linux Kernel up to 6.0.2 omap2_iommu_dump_ctx len buffer overflow (Nessus ID 265266)

Vuldb Updates

4 months 3 weeks ago

A vulnerability was found in Linux Kernel up to 6.0.2 and classified as critical. Affected is the function omap2_iommu_dump_ctx. The manipulation of the argument len results in buffer overflow. This vulnerability was named CVE-2022-50301. The attack needs to be approached within the local network. There is no available exploit. It is suggested to upgrade the affected component.

vuldb.com

Darknet Actor Offers Israeli Tourism Data for Sale

Dark Feed IO

4 months 3 weeks ago

You must login to view this content

cohenido

Вы уволены. ИИ-модели Google и OpenAI взяли «золото» на олимпиаде по программированию

Securitylab.ru

4 months 3 weeks ago

ИИ впервые показал уровень чемпионов ICPC.

【资料】认知战：大脑和行为科学的武器化

丁爸情报分析师的工具箱

4 months 3 weeks ago

这是一篇关于认知战的学术论文，主要探讨了认知战的概念、历史背景、技术手段及其对现代社会的影响。

【资料】伊朗网络威胁情报报告：战时网络打击行动和雇佣军间谍软件攻击的出现

丁爸情报分析师的工具箱

4 months 3 weeks ago

这是一篇关于伊朗网络威胁情报的报告，主要分析了2025年上半年伊朗面临的网络攻击趋势、数字权利侵犯以及安全机构采取的压制措施。

【工具】加拿大开源情报工具

丁爸情报分析师的工具箱

4 months 3 weeks ago

Attackers gaining access via cloud firewalls

Red Carnary: YouTube Channel

4 months 3 weeks ago

Red Canary, a Zscaler company

Top 10 Best Security Orchestration, Automation, And Response (SOAR) Tools in 2025

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

4 months 3 weeks ago

Security Orchestration, Automation, and Response (SOAR) tools are revolutionizing how organizations defend against evolving threats, streamline security workflows, and automate incident response. In an era of complex attack surfaces and alert fatigue, SOAR solutions empower security teams to respond faster, reduce manual workloads, and maintain compliance across hybrid environments. This comprehensive guide reviews the top […]

The post Top 10 Best Security Orchestration, Automation, And Response (SOAR) Tools in 2025 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Varshini