Aggregator
CVE-2025-61045 | TOTOLINK X18 9.1.0cu.2053_B20230309 setEasyMeshAgentCfg mac command injection (EUVD-2025-32018)
CVE-2025-61044 | TOTOLINK X18 9.1.0cu.2053_B20230309 setEasyMeshAgentCfg agentName command injection (EUVD-2025-32015)
CVE-2025-56243 | PuneethReddyHC Event Management System 1.0 register.php event_id cross site scripting (EUVD-2025-32722)
CVE-2025-43914 | Dell PowerProtect Data Domain BoostFS for Linux Ubuntu LTS2023 privileges assignment (dsa-2025-333 / EUVD-2025-32729)
CVE-2025-3449 | B&R Industrial Automation Automation Runtime up to 6.3 generation of predictable numbers or identifiers (EUVD-2025-32912)
CVE-2025-11404 | SourceCodester Hotel and Lodge Management System 1.0 /pages/save_tax.php percentage sql injection (EUVD-2025-32910)
Calling All Influencers: Spear-Phishers Dangle Tesla, Red Bull Jobs
Russian hackers turn to AI as old tactics fail, Ukrainian CERT says
Varonis Interceptor stops AI-evasive email attacks
Varonis Systems announced the availability of Varonis Interceptor, a new approach to email security that uses multi-layered AI to detect and block social engineering attacks, even when they originate from trusted or compromised sources. Attackers are using LLMs to deliver targeted phishing campaigns and craft pixel-perfect credential stealing websites at machine speed. When attacks come from compromised vendors or hijacked employee accounts, traditional detection methods break down. “Bad actors aren’t hacking computers, they’re hacking trust,” …
The post Varonis Interceptor stops AI-evasive email attacks appeared first on Help Net Security.
DraftKings thwarts credential stuffing attack, but urges password reset and MFA
Deforestation causes butterflies to lose their color
CVE-2025-11495 | GNU Binutils 2.45 Linker elf64-x86-64.c elf_x86_64_relocate_section heap-based overflow (Bug 33502)
CVE-2025-11494 | GNU Binutils 2.45 Linker bfd/elfxx-x86.c _bfd_x86_elf_late_size_sections out-of-bounds (Bug 33499)
Submit #668694: code-projects Online Course Registration Site V1.0 SQL Injection [Duplicate]
New Fully Undetectable FUD Android RAT Hosted on GitHub
A sophisticated Android remote access trojan (RAT) has emerged on GitHub, presenting significant security concerns for mobile device users worldwide. The malware, publicly available under the repository “Android-RAT” by user Huckel789, claims to offer fully undetectable (FUD) capabilities that can bypass modern security measures and antivirus detection systems. This malicious software represents a concerning evolution […]
The post New Fully Undetectable FUD Android RAT Hosted on GitHub appeared first on Cyber Security News.