Aggregator

SpankRAT Exploits Windows Explorer Processes for Stealth and Delayed Detection

Cyber Security News
1 week 3 days ago

A newly identified two-component Remote Access Trojan (RAT) toolkit built in Rust, dubbed SpankRAT, is being used by threat actors to abuse legitimate Windows processes, bypass reputation-based security controls, and maintain persistent access to compromised environments while largely evading detection on VirusTotal. Researchers at ANY.RUN has identified and analyzed the SpankRAT toolkit, flagging it as […]

The post SpankRAT Exploits Windows Explorer Processes for Stealth and Delayed Detection appeared first on Cyber Security News.

Balaji N

CVE-2025-36579 | Dell Client Platform BIOS password recovery (dsa-2025-153 / EUVD-2025-209501)

VulDB Recent Entries
1 week 3 days ago
A vulnerability was found in Dell Client Platform. It has been rated as problematic. Impacted is an unknown function of the component BIOS. Performing a manipulation results in weak password recovery. This vulnerability is known as CVE-2025-36579. The attack may be carried out on the physical device. No exploit is available. Upgrading the affected component is advised.
vuldb.com

CVE-2026-5426 | Digital Knowledge KnowledgeDeliver prior 20260224 ViewState machineKey hard-coded key (MNDT-2026-0009 / EUVD-2026-23271)

VulDB Recent Entries
1 week 3 days ago
A vulnerability was found in Digital Knowledge KnowledgeDeliver. It has been declared as problematic. This issue affects some unknown processing of the component ViewState Handler. Such manipulation of the argument machineKey leads to use of hard-coded cryptographic key . This vulnerability is traded as CVE-2026-5426. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2026-37347 | SourceCodester Payroll Management and Information System 1.0 view_employee.php sql injection (EUVD-2026-23266)

VulDB Recent Entries
1 week 3 days ago
A vulnerability was found in SourceCodester Payroll Management and Information System 1.0. It has been classified as critical. This vulnerability affects unknown code of the file /payroll/view_employee.php. This manipulation causes sql injection. This vulnerability appears as CVE-2026-37347. The attack may be initiated remotely. There is no available exploit.
vuldb.com

CVE-2026-37346 | SourceCodester Payroll Management and Information System 1.0 view_account.php?emp_id= sql injection (EUVD-2026-23264)

VulDB Recent Entries
1 week 3 days ago
A vulnerability was found in SourceCodester Payroll Management and Information System 1.0 and classified as critical. This affects an unknown part of the file /payroll/view_account.php?emp_id=. The manipulation results in sql injection. This vulnerability is reported as CVE-2026-37346. The attack can be launched remotely. No exploit exists.
vuldb.com

CVE-2026-37345 | SourceCodester Vehicle Parking Area Management System 1.0 /parking/manage_park.php sql injection (EUVD-2026-23262)

VulDB Recent Entries
1 week 3 days ago
A vulnerability has been found in SourceCodester Vehicle Parking Area Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /parking/manage_park.php. The manipulation leads to sql injection. This vulnerability is documented as CVE-2026-37345. The attack can be initiated remotely. There is not any exploit available.
vuldb.com

Managed ad