Aggregator

Russian Fake-News Network CopyCop Added 200+ New Websites to Targets US, Canada and France

Cyber Security News
4 months 3 weeks ago

The Russian covert influence network CopyCop has significantly expanded its disinformation campaign, establishing over 200 new fictional media websites since March 2025. This expansion represents a marked escalation in Russian information warfare efforts, targeting democratic nations with sophisticated artificial intelligence-driven content generation and increasingly polished deception tactics. CopyCop, also designated as Storm-1516, operates as a […]

The post Russian Fake-News Network CopyCop Added 200+ New Websites to Targets US, Canada and France appeared first on Cyber Security News.

Tushar Subhra Dutta

CVE-2024-45776 | Red Hat Enterprise Linux/OpenShift Container Platform grub2 grub_mofile_open out-of-bounds write (Nessus ID 216508 / WID-SEC-2025-0396)

Vuldb Updates
4 months 3 weeks ago
A vulnerability was found in Red Hat Enterprise Linux and OpenShift Container Platform. It has been declared as critical. This impacts the function grub_mofile_open of the component grub2. Such manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2024-45776. Local access is required to approach this attack. No exploit exists.
vuldb.com

CVE-2024-45774 | Red Hat Enterprise Linux/OpenShift Container Platform JPEG Parser out-of-bounds write (Nessus ID 216508 / WID-SEC-2025-0396)

Vuldb Updates
4 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in Red Hat Enterprise Linux and OpenShift Container Platform. This issue affects some unknown processing of the component JPEG Parser. Performing manipulation results in out-of-bounds write. This vulnerability is reported as CVE-2024-45774. The attack requires a local approach. No exploit exists.
vuldb.com

CVE-2025-43356

CVE Trends
4 months 3 weeks ago
Currently trending CVE - Hype Score: 1 - The issue was addressed with improved handling of caches. This issue is fixed in tvOS 26, Safari 26, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. A website may be able to access sensor information without user consent.

CVE-2025-41248

CVE Trends
4 months 3 weeks ago
Currently trending CVE - Hype Score: 13 - The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue when using @PreAuthorize and other method security annotations, resulting in ...

CVE-2025-41249

CVE Trends
4 months 3 weeks ago
Currently trending CVE - Hype Score: 13 - The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions. Your application ...

CVE-2025-39793 | Linux Kernel up to 6.15.10/6.16.1 io_uring allocation of resources (Nessus ID 265245 / WID-SEC-2025-2051)

Vuldb Updates
4 months 3 weeks ago
A vulnerability labeled as critical has been found in Linux Kernel up to 6.15.10/6.16.1. This vulnerability affects the function io_uring. Executing manipulation can lead to allocation of resources. This vulnerability appears as CVE-2025-39793. The attacker needs to be present on the local network. There is no available exploit. The affected component should be upgraded.
vuldb.com

The Messy Middle: Where SOC Automation Breaks (and How Morpheus AI Fixes It)

Security Boulevard
4 months 3 weeks ago

SOC automation breaks in the messy middle of triage and investigation. Learn how Morpheus AI fixes it with transparent, adaptive playbooks.

The post The Messy Middle: Where SOC Automation Breaks (and How Morpheus AI Fixes It) appeared first on D3 Security.

The post The Messy Middle: Where SOC Automation Breaks (and How Morpheus AI Fixes It) appeared first on Security Boulevard.

Shriram Sharma

CVE-2025-10632 | itsourcecode Online Petshop Management System 1.0 Admin Dashboard availableframe.php name/address cross site scripting (EUVD-2025-29842)

Vuldb Updates
4 months 3 weeks ago
A vulnerability classified as problematic was found in itsourcecode Online Petshop Management System 1.0. The affected element is an unknown function of the file availableframe.php of the component Admin Dashboard. The manipulation of the argument name/address results in cross site scripting. This vulnerability is known as CVE-2025-10632. It is possible to launch the attack remotely. Furthermore, an exploit is available.
vuldb.com

CVE-2025-8942 | ThimPress WP Hotel Booking Plugin up to 2.2.2 on WordPress rating access control (EUVD-2025-29843)

Vuldb Updates
4 months 3 weeks ago
A vulnerability described as critical has been identified in ThimPress WP Hotel Booking Plugin up to 2.2.2 on WordPress. Affected by this issue is some unknown functionality. The manipulation of the argument rating results in improper access controls. This vulnerability was named CVE-2025-8942. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is recommended.
vuldb.com

CVE-2025-5305 | Password Reset with Code REST API Plugin up to 0.0.16 on WordPress inadequate encryption (EUVD-2025-29845)

Vuldb Updates
4 months 3 weeks ago
A vulnerability classified as problematic has been found in Password Reset with Code REST API Plugin up to 0.0.16 on WordPress. This affects an unknown part. This manipulation causes inadequate encryption strength. The identification of this vulnerability is CVE-2025-5305. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad