Aggregator

Ukraine’s CERT-UA has identified a new AI-powered malware, dubbed “LameHug,” which executes commands on compromised Windows systems in cyber-attacks, targeting the nation’s security and defense sector

A vulnerability classified as problematic was found in Leviton AcquiSuite and Energy Monitoring Hub. This vulnerability affects unknown code of the component URL Parameter Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-6185. The attack can be initiated remotely. There is no exploit available.

Cambodian police and military arrested more than 1,000 people in a crackdown on cyberscam operations that have proliferated in recent years in Southeast Asia and now are spreading globally, ensnaring hundreds of thousands of people in human trafficking schemes who are forced to run romance and other online frauds.

The post Cambodia Arrests More Than 1,000 in Cyberscam Crackdown appeared first on Security Boulevard.

A critical vulnerability in macOS allows attackers to escalate privileges to root access through misconfigured daemon services.  The vulnerability, dubbed “Daemon Ex Plist,” exploits weaknesses in how macOS handles service property list (plist) files and has been found to affect multiple popular VPN applications and other software. Key Takeaways1. macOS daemons left behind in /Library/LaunchDaemons/ […]

The post New “Daemon Ex Plist” Vulnerability Gives Attackers Root Access on macOS appeared first on Cyber Security News.

A vulnerability was found in Balbooa Gallery Component up to 2.4.0 on Joomla. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Gallery Item Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-49486. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Balbooa Forms Component up to 2.3.1.1 on Joomla. It has been classified as critical. Affected is an unknown function. The manipulation of the argument ID leads to sql injection. This vulnerability is traded as CVE-2025-49485. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in rsjoomla RSFiles Component up to 1.17.7 on Joomla and classified as problematic. This issue affects some unknown processing of the component Search. The manipulation leads to resource consumption. The identification of this vulnerability is CVE-2025-50057. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in joomsky JS Jobs Component up to 1.4.1 on Joomla and classified as critical. This vulnerability affects unknown code. The manipulation of the argument cvid leads to sql injection. This vulnerability was named CVE-2025-49484. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in ESET NOD32 Antivirus, Internet Security, Smart Security Premium, Security Ultimate, Endpoint Antivirus for Windows, Endpoint Security for Windows, Small Business Security, Safe Server, Server Security for Windows Server, Mail Security for Microsoft Exchange Server and Security for Microsoft SharePoint Server. This affects an unknown part. The manipulation leads to time-of-check time-of-use. This vulnerability is uniquely identified as CVE-2025-2425. The attack needs to be approached locally. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in rsjoomla RSBlog Component up to 1.14.5 on Joomla. Affected by this issue is some unknown functionality. The manipulation of the argument jform[tags_text] leads to cross site scripting. This vulnerability is handled as CVE-2025-50126. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in rsjoomla RSDirectory Component up to 2.2.8 on Joomla. Affected by this vulnerability is an unknown functionality of the component Review Reply. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-50058. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in rsjoomla RSMail Component up to 1.22.28 on Joomla. Affected is an unknown function. The manipulation of the argument crafted leads to cross site scripting. This vulnerability is traded as CVE-2025-50056. It is possible to launch the attack remotely. There is no exploit available.

Хакеры исчезли с криптой, оставив в блокчейне лишь цифровые следы.

We must pay attention to what holds everything together - the glue. That’s where the real MCP vulnerabilities are hiding. 

The post Critical MCP Vulnerabilities are Slipping Through the Cracks appeared first on Security Boulevard.

Hackers breached Anne Arundel Dermatology systems for three months, potentially exposing personal and health data of 1.9 million people. Anne Arundel Dermatology is a physician-owned and managed dermatology group headquartered in Maryland, founded over 50 years ago. It’s one of the largest dermatology providers in the Mid‑Atlantic and Southeastern United States, operating more than 100 […]

The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a phishing campaign that's designed to deliver a malware codenamed LAMEHUG. "An obvious feature of LAMEHUG is the use of LLM (large language model), used to generate commands based on their textual representation (description)," CERT-UA said in a Thursday advisory. The activity has been attributed with medium

Cybersecurity researchers have disclosed a critical container escape vulnerability in the NVIDIA Container Toolkit that could pose a severe threat to managed AI cloud services. The vulnerability, tracked as CVE-2025-23266, carries a CVSS score of 9.0 out of 10.0. It has been codenamed NVIDIAScape by Google-owned cloud security company Wiz. "NVIDIA Container Toolkit for all platforms contains a

Google 起诉了 25 名僵尸网络 BadBox 2.0 的中国籍运营者。Google 在起诉书中称，截至 2025 年 4 月，BadBox 2.0 感染了全世界逾 1000 万台基于 Android AOSP 系统的设备，包括电视盒、平板、投影仪和车载休闲娱乐系统。BadBox 2.0 是迄今为止发现的规模最大的联网电视僵尸网络。Google 称 BadBox 2.0 的活动干扰了 Google 与客户的关系，损害其声誉，破坏其产品和服务的价值。由于所有被告都在中国，而中美之间很少引渡嫌疑人，因此诉讼不太可能追究到任何被告的责任。

Картинка на экране — лишь прикрытие для сложной сети, разросшейся по всему миру.

俄罗斯进一步收紧了对网络活动的控制。该国新通过的法律将对搜索被禁止内容以及使用 VPN 访问被禁止内容的人处以罚款。俄罗斯对被禁止内容的定义是一个由政府维护的列表，大约有 5500 个条目，其内容涵盖了从 LGBT运动 到基地等极端主义组织制作的内容，以及宣传纳粹意识形态或或煽动极端主义行为的材料。对搜索被禁止内容的罚款大约为 65 美元，对推广 VPN 等规避审查工具的罚款——个人为 2500 美元，企业最高 1.28 万美元。