Aggregator

RipperSec Targeted the Website of Vice President of India

Submit #588258 / VDB-311712

The statement said the Rhode Island-based company identified unauthorized activity on its systems on Thursday, prompting officials to take systems offline. The action “has temporarily impacted the Company’s ability to fulfill and distribute customer orders.”

The reconnaissance activity targeting American cybersecurity company SentinelOne was part of a broader set of partially-related intrusions into several targets between July 2024 and March 2025. "The victimology includes a South Asian government entity, a European media organization, and more than 70 organizations across a wide range of sectors," SentinelOne security researchers Aleksandar

Skitnet malware, also referred to as Bossnet, has emerged as a critical tool for ransomware gangs in 2025, showcasing a marked increase in operational efficiency for cybercriminals. First advertised on underground forums like RAMP on April 19, 2024, by a threat actor known as LARVA-306, Skitnet was initially positioned as a compact, user-friendly post-exploitation package […]

The post Skitnet Malware Actively Adopted by Ransomware Gangs to Enhance Operational Efficiency appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in wasp-lang wasp up to 0.16.5. It has been rated as critical. This issue affects some unknown processing of the component OAuth. The manipulation leads to incorrect default permissions. The identification of this vulnerability is CVE-2025-49006. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in GIMP. Affected is the function ani_load_image of the component ANI File Parser. The manipulation leads to stack-based buffer overflow. This vulnerability is traded as CVE-2025-48796. It is possible to launch the attack remotely. There is no exploit available.

450 млн параметров и ни одного GPU в обмороке.

Alleged admin access sale to multiple FinTech Companies in South America

A vulnerability classified as problematic was found in WPWeb WooCommerce Social Login Plugin up to 2.8.2 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2025-39472. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in labring FastGPT up to 4.9.10. It has been declared as critical. This vulnerability affects unknown code of the component Python Module. The manipulation leads to incorrect permission assignment. This vulnerability was named CVE-2025-49131. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Tenda CP3 11.10.00.2311090948 and classified as critical. Affected by this vulnerability is the function sub_F3C8C of the file apollo. The manipulation leads to command injection. This vulnerability is known as CVE-2025-5763. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Red Hat Keycloak and Single Sign-On and classified as critical. This vulnerability affects unknown code of the component Verification Policy. The manipulation leads to certificate with host mismatch. This vulnerability was named CVE-2025-3501. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in code-projects Traffic Offense Reporting System 1.0. This affects an unknown part. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2025-5732. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument redirect-url leads to buffer overflow. This vulnerability was named CVE-2025-5734. The attack can be initiated remotely. Furthermore, there is an exploit available.

Authors/Presenters: Matteo Rizzo, Kristoffer `spq` Janke, Eduardo Vela Nava and Josh Eads

Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel.

Thanks and a Tip O' The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock GCTI, GWAPT, GCFA, GPEN, GPCS, GCPN, CRISC, CISA, CISM, CISSP, SSCP, CDPSE for recommending the OffensiveCon 25 conference.

Permalink

The post OffensiveCon25 – Entrysign: Create Your Own x86 Microcode for Fun and Profit appeared first on Security Boulevard.

New PathWiper malware targeted Ukrainian critical infrastructure, using legitimate tools for cyber-attacks

Unit 221B’s Allison Nixon said crackdowns have effectively shown the group that their actions carry real consequences.

The post Internet infamy drives The Com’s crime sprees appeared first on CyberScoop.

Google has highlighted a significant uptick in cyberattacks and scams targeting US consumers, with a particular focus on stealing login credentials. The FBI reports that online scams generated a staggering $16.6 billion in losses last year, reflecting a 33% increase over the previous year. Over 60% of Americans have perceived a rise in scam attempts […]

The post Google Warns of Surge in Cyberattacks Targeting US Users to Steal Login Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Fortinet FortiOS up to 7.4.2. It has been declared as very critical. This vulnerability affects unknown code of the component SSL-VPN. The manipulation leads to out-of-bounds write. This vulnerability was named CVE-2024-21762. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.