Aggregator

A vulnerability was found in Wattsense Bridge up to 6.4.0. It has been classified as critical. This affects an unknown part. The manipulation leads to missing protection mechanism for alternate hardware interface. This vulnerability is uniquely identified as CVE-2025-26409. It is possible to launch the attack on the physical device. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Wattsense Bridge up to 6.4.0 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to hard-coded credentials. This vulnerability is handled as CVE-2025-26410. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Wattsense Bridge and classified as critical. Affected by this vulnerability is an unknown functionality of the component Plugin Manager. The manipulation leads to unrestricted upload. This vulnerability is known as CVE-2025-26411. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

The USB Army Knife is a versatile red-teaming tool for penetration testers that emulates a USB Ethernet adapter for traffic capture, enables custom attack interfaces, and functions as covert storage all in one compact device. This multi-functional firmware combines a variety of attack vectors into a single compact device, complete with a color LCD screen. […]

The post USB Army Knife – A Powerful Red Team Tool for Penetration Testers appeared first on Cyber Security News.

Kela researchers explain that infostealers are to blame for compromised OpenAI logins

Компьютер размером с ладонь выживает там, где другие сдаются.

A vulnerability, which was classified as critical, was found in Octopus Deploy Octopus Server up to 2024.3.13070/2024.4.7064. Affected is an unknown function of the component API Endpoints. The manipulation leads to improper authentication. This vulnerability is traded as CVE-2025-0589. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Почему компании готовы платить тысячи за обнаружение скрытых угроз.

Currently trending CVE - hypeScore: 2 - An issue in Smartcom Bulgaria AD Smartcom Ralink CPE/WiFi router SAM-4G1G-TT-W-VC, SAM-4F1F-TT-W-A1 allows a remote attacker to obtain sensitive information via the Weak default WiFi password generation algorithm in WiFi routers.

Currently trending CVE - hypeScore: 1 - Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to 23.10 are vulnerable to a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer’s Microsoft Internet Infor

Исследование раскрыло, как мы попали в когнитивную ловушку из-за доверия к ИИ.

Битва миллиардеров за будущее ИИ.

DDoS攻击总量呈现出迅猛增长的态势，同比增长56%，其中最大攻击峰值更是飙升至前所未有的2Tbps。

A new cybersecurity threat has emerged, targeting customers of a prominent Indian bank through fraudulent mobile applications. Dubbed “FinStealer,” this malware campaign employs advanced techniques to steal sensitive financial and personal information, including banking credentials, credit card details, and other personally identifiable information (PII). Distributed via phishing links and unofficial app stores, the malware mimics […]

The post FinStealer Malware Targets Leading Indian Bank’s Mobile Users, Stealing Login Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Innovative tools are continually appearing to enhance the capabilities of professionals and enthusiasts alike. One new entrant into the world of radio frequency (RF) tools is the Evil Crow RF V2, a compact device that transforms your smartphone into a powerful tool for RF analysis and penetration testing. With its portable design, user-friendly features, and a […]

The post Evil Crow RF Tool Transforms Smartphones into Powerful RF Hacking Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

苹果紧急修复iOS零日漏洞CVE-2025-24200，已遭黑客利用！该漏洞可关闭USB限制模式，引发重大网络物理攻击风险，针对特定目标发动复杂攻击。

A sophisticated malware campaign dubbed “FinStealer” is actively targeting customers of a leading Indian bank through fraudulent mobile applications. The malware, identified as Trojan.rewardsteal/joxpk, employs advanced tactics to steal banking credentials and personal information from unsuspecting users. The malicious campaign operates through a suspicious website (motocharge[.]online) that distributes fake banking apps mimicking legitimate ones. CYFIRMA […]

The post FinStealer Malware Attacking Leading Indian Bank’s Mobile Users To Steal Login Credentials appeared first on Cyber Security News.

Authorities dismantled the 8Base ransomware gang, shutting down its dark web data leak and negotiation sites. An international law enforcement operation, codenamed Operation Phobos Aetor, dismantled the 8Base ransomware gang. The police took down the dark web data leak and negotiation sites. The police has yet to disclose the names of the suspects. Authorities replaced […]

Как SIM-карта вызвала колебания на рынке криптовалют.