Aggregator
CVE-2025-27911 | Datalust Seq up to 2024.1.11146 resource consumption (EUVD-2025-7819)
CVE-2025-4259 | newbee-mall 1.0 UploadController.java upload File unrestricted upload
CVE-2025-4260 | zhangyanbo2007 youkefu up to 4.2.0 TemplateController.java impsave dataFile deserialization
CVE-2025-4258 | zhangyanbo2007 youkefu up to 4.2.0 MediaController.java upload imgFile unrestricted upload
CVE-2025-4018 | 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160 CrawlController.java addCrawlSource missing authentication
CVE-2025-4019 | 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160 GeneratorController.java genCode missing authentication
CVE-2025-2176 | libzvbi up to 0.2.43 src/io-sim.c vbi_capture_sim_load_caption integer overflow (GHSA-g7cg-7gw9-v8cf / Nessus ID 233205)
CVE-2025-2177 | libzvbi up to 0.2.43 src/search.c vbi_search_new pat_len integer overflow (GHSA-g7cg-7gw9-v8cf / Nessus ID 233205)
CVE-2025-1083 | Mindskip xzs-mysql 学之思开源考试系统 3.9.0 CORS cross-domain policy
CVE-2025-1084 | Mindskip xzs-mysql 学之思开源考试系统 3.9.0 cross-site request forgery
Live Webinar | End-of-Life Failures: The Data Security Traps You Must Avoid
Live Webinar | Scaling Application Security Testing and Bringing the "Ops" Back to DevSecOps
AI Browsers Vulnerable to Data Theft, Malware
Artificial intelligence-powered browsers could expose enterprises to data theft, malware distribution and unauthorized access to corporate apps, new research shows. AI browsers built to complete tasks autonomously lack the security awareness to verify whether an instruction is safe.
ISMG Editors: How the US Federal Shutdown Exposes Cyber Gaps
In this week's update, four ISMG editors discussed the fallout from the U.S. federal shutdown and the impact on state and regional cyber offices, the knock-on effects for healthcare, and the growing cyberthreats facing aging operational technology environments.
SonicWall Warns Cloud Backup Users of Security Risk
Firewall maker SonicWall said Friday all customers who used its cloud backup services are at increased "risk of targeted attacks" following a recent cyberattack. The California firm in September disclosed that unidentified hackers launched brute-force attacks against servers storing backup files.
ALN, Octapharma Plasma Agree to Settle Breach Lawsuits
A Nebraska-based revenue cycle management firm and a Swiss-based blood products manufacturer with plasma collection centers in the United States are the latest healthcare sector companies agreeing to pay multimillion-dollar lawsuit settlements for two separate 2024 hacks affecting scores of patients.
Independent Verification of NHI Security: Necessary?
Why Is Independent Verification of Non-Human Identities Crucial for Cybersecurity? When it comes to cybersecurity, how often do organizations think about their machine identities, often overlooked yet vital for robust security protocols? The management of Non-Human Identities (NHIs) is increasingly essential, emphasizing the importance of independent verification. This process ensures that these machine identities remain […]
The post Independent Verification of NHI Security: Necessary? appeared first on Entro.
The post Independent Verification of NHI Security: Necessary? appeared first on Security Boulevard.
How Safe Are Your Non-Human Identities Really?
Are You Harnessing the Full Potential of Non-Human Identities in Your Cloud Security Strategy? Non-human identities (NHIs) are revolutionizing the approach to cybersecurity strategy, particularly for organizations navigating the complexities of cloud environments. But what exactly are NHIs, and how do they fit into broaders of cloud security? Understanding Non-Human Identities: A Critical Component of […]
The post How Safe Are Your Non-Human Identities Really? appeared first on Entro.
The post How Safe Are Your Non-Human Identities Really? appeared first on Security Boulevard.
News alert: Lightship, OpenSSL submit OpenSSL 3.5.4 — with post-quantum crypto on board
NEWARK, N.J., October 9, 2025, CyberNewswire — Lightship Security, an Applus+ Laboratories company and accredited cryptographic security test laboratory, and the OpenSSL Corporation, the co-maintainer of the OpenSSL Library, announce the submission of OpenSSL version 3.5.4 to the …
The post News alert: Lightship, OpenSSL submit OpenSSL 3.5.4 — with post-quantum crypto on board first appeared on The Last Watchdog.
The post News alert: Lightship, OpenSSL submit OpenSSL 3.5.4 — with post-quantum crypto on board appeared first on Security Boulevard.