Aggregator
Добавили новый эмодзи-пак? Теперь вы соучастник кибератак, а вас используют для маскировки миллионных киберпреступлений
Whisper 2FA Behind One Million Phishing Attempts Since July
NDSS 2025 – MADWeb 2025, Opening Remarks and Keynote 1
Author, Creator & Presenter: Keynote 1 - Nick Nikiforakis, Stony Book University
Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb) 2025, co-located with the Network and Distributed System Security (NDSS) Symposium 2025
Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators, Authors and Presenter’s superb NDSS Symposium 2025 Conference content on the organization’s’ YouTube channel.
The post NDSS 2025 – MADWeb 2025, Opening Remarks and Keynote 1 appeared first on Security Boulevard.
CVE-2024-4172 | idcCMS 1.35 admin_cl.php?mudi=revPwd cross-site request forgery
CVE-2024-3279 | mintplex-labs anything-llm 0.0.1/0.1.0 access control
CVE-2024-10131 | infiniflow ragflow up to 0.11.0 llm_app.py add_llm req['llm_factory']/req['llm_name'] command injection
CVE-2024-7475 | lunary-ai lunary up to 1.3.3 SAML Configuration access control
CVE-2024-6868 | mudler LocalAI up to 2.18.0 Automatic Archive Extraction link following
CVE-2023-48183 | QuickJS build_for_in_iterator null pointer dereference (Issue 192 / Nessus ID 234476)
CVE-2024-3665 | Rank Math SEO with AI SEO Tools Plugin up to 1.0.216 on WordPress titleWrapper cross site scripting
CVE-2024-5125 | parisneo lollms-webui up to 9.7 unrestricted upload
CVE-2025-21655 | Linux Kernel up to 6.1.124/6.6.71/6.12.9 eventfd io_eventfd_signal reference count (Nessus ID 215034)
CVE-2024-48872 | Mattermost up to 9.5.12/9.11.4/10.0.2/10.1.2 race condition (Nessus ID 213276)
Cisco SNMP 0-Day Vulnerability Actively Exploited To Deploy Linux Rootkits
A sophisticated attack campaign dubbed “Operation Zero Disco,” where threat actors are actively exploiting a critical Cisco Simple Network Management Protocol (SNMP) vulnerability to install Linux rootkits on vulnerable network devices. Trend Micro observed an operation exploiting CVE-2025-20352, which allows remote code execution (RCE) and grants persistent unauthorized access, primarily targeting older Cisco switches that […]
The post Cisco SNMP 0-Day Vulnerability Actively Exploited To Deploy Linux Rootkits appeared first on Cyber Security News.