Aggregator

A vulnerability, which was classified as problematic, has been found in WP-Members Membership Plugin up to 3.4.9.5 on WordPress. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-9231. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Category and Taxonomy Meta Fields Plugin up to 1.0.0 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-9590. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as problematic was found in Category and Taxonomy Meta Fields Plugin up to 1.0.0 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-9589. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in EasyIns Stadtportal Stadtportal 4.0. It has been declared as critical. This vulnerability affects unknown code of the file index.php. The manipulation of the argument site leads to file inclusion. This vulnerability was named CVE-2004-2053. The attack can be initiated remotely. Furthermore, there is an exploit available.

A new campaign involving the notorious remote access trojan (RAT) Njrat has been uncovered, leveraging Microsoft’s Dev Tunnels service for command-and-control (C2) communication. This service, intended to help developers securely expose local services to the internet for testing and debugging, is being exploited by attackers to establish covert connections with their C2 servers. The abuse […]

The post Njrat Exploits Microsoft Dev Tunnels for C2 Communication appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

这一研究再次凸显硬编码凭据对用户和组织机构可带来严重的安全风险

总奖金池超过100万美元

Каналы-анонимы лишат финансовой поддержки.

Security researchers have uncovered new evidence that North Korean threat actors, particularly the Lazarus Group, are actively using Astrill VPN to conceal their true IP addresses during cyberattacks and fraudulent IT worker schemes. Silent Push, a cybersecurity firm, recently acquired infrastructure and logs from the Lazarus subgroup known as “Contagious Interview” or “Famous Chollima,” confirming […]

The post North Korean IT Workers Hide Their IPs Using Astrill VPN appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers have uncovered five significant vulnerabilities in Paragon Partition Manager’s BioNTdrv.sys driver, affecting versions prior to 2.0.0. These flaws, identified as CVE-2025-0285, CVE-2025-0286, CVE-2025-0287, CVE-2025-0288, and CVE-2025-0289, pose serious security risks, enabling attackers to escalate privileges to SYSTEM level and potentially cause denial-of-service (DoS) scenarios. Multiple Critical Flaws Discovered in BioNTdrv.sys Driver The vulnerabilities, […]

The post Paragon Partition Manager Vulnerabilities Allow Attackers to Escalate Privileges and Trigger DoS Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

美国网络司令部指示各网络部队暂停针对俄罗斯网络行动

官方回应称未发现任何数据泄露迹象

A recent investigation by cybersecurity experts has unveiled a series of advanced cyberattacks orchestrated by the notorious Advanced Persistent Threat (APT) group known as “Space Pirates.” Leveraging their customized malware arsenal, including the LuckyStrike Agent backdoor, the group has been targeting IT organizations and government agencies across Russia and neighboring regions. The attacks have been […]

The post Space Pirates Hackers Attacking IT Organizations With LuckyStrike Using OneDrive appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Threat actors are exploiting a zero-day bug in Paragon Partition Manager's BioNTdrv.sys driver during ransomware attacks

A vulnerability was found in Liferay Portal and DXP and classified as problematic. This issue affects some unknown processing of the component My Account Widget. The manipulation of the argument _com_liferay_my_account_web_portlet_MyAccountPortlet_backURL leads to cross-site request forgery. The identification of this vulnerability is CVE-2024-26271. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Liferay Portal and DXP. It has been classified as problematic. Affected is an unknown function of the component Content Page Editor. The manipulation of the argument p_l_back_url leads to cross-site request forgery. This vulnerability is traded as CVE-2024-26272. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Liferay Portal and DXP. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Script Console. The manipulation leads to cross-site request forgery. This vulnerability is known as CVE-2024-8980. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Umbraco CMS up to 8.18.14/10.8.6/13.5.1. Affected is an unknown function of the component SVG File Preview. The manipulation leads to injection. This vulnerability is traded as CVE-2024-48927. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Collabtive 3.1 and classified as problematic. Affected by this issue is some unknown functionality of the file managemessage.php. The manipulation of the argument title leads to cross site scripting. This vulnerability is handled as CVE-2024-48706. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Collabtive 3.1. It has been classified as problematic. This affects an unknown part of the file managemilestone.php. The manipulation of the argument name leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-48707. It is possible to initiate the attack remotely. There is no exploit available.