Aggregator
Leaked Oracle EBS exploit scripts expected to drive new wave of attacks (CVE-2025-61882)
Resecurity and watchTowr researchers have analyzed the leaked scripts used by attackers to exploit CVE-2025-61882 on internet-facing Oracle EBS instances. Whether the attackers were Cl0p or LAPSUS$, both, or even additional threat actors is still unknown, as the scripts have been leaked on Telegram.
CVE-2025-61882 exploit scripts analyzed
“What we have observed is that CVE-2025-61882 (…) is not ‘just’ one vulnerability. It is a poetic flow of numerous small/medium weaknesses,” watchTowr researchers Sina Kheirkhah and … More →
The post Leaked Oracle EBS exploit scripts expected to drive new wave of attacks (CVE-2025-61882) appeared first on Help Net Security.
CVE-2025-11421 | code-projects Voting System 1.0 candidates_edit.php Firstname/Lastname/Platform cross site scripting
RALord
Submit #666009: Tenda Shenzhen Jixiang Tengda Technology Co., Ltd. Router CH22 V1.0.0.1 Tenda V1.0.0.1 Buffer Overflow [Accepted]
RALord
Submit #665949: Campcodes Advanced Online Voting Management System 9/26,2024 SQL Injection [Accepted]
CVE-2025-11420 | code-projects E-Commerce Website 1.0 edit_order_details.php order_id sql injection
Submit #665811: Code-projects Voting System 1.0 Cross Site Scripting [Accepted]
Submit #665770: code-projects E-Commerce Website 1.0 SQL Injection [Accepted]
Red Hat Breach Impacts 5,000+ High-Value Enterprise Customers, Data at Risk
An extortion group calling itself Crimson Collective claimed responsibility for a major breach at Red Hat Consulting. With only 22 followers on Telegram at the time, the group’s rapid rise to notoriety has stunned security experts. By the end of that day, Red Hat confirmed the breach and began notifying affected clients. Red Hat Consulting […]
The post Red Hat Breach Impacts 5,000+ High-Value Enterprise Customers, Data at Risk appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
LeakNet
LeakNet
Cavalry Werewolf APT Targets Russian Organizations Using FoalShell and Telegram C2
Cavalry Werewolf, a Russian-focused advanced persistent threat (APT) cluster, has intensified its offensive operations by experimenting with new malware variants and leveraging Telegram-based command-and-control (C2). Security teams must prioritize real-time visibility into the tools employed by this group to maintain effective detection and prevention measures. Without timely insights into FoalShell and StallionRAT, defenders risk falling […]
The post Cavalry Werewolf APT Targets Russian Organizations Using FoalShell and Telegram C2 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
CodeMender fixes itself. Google DeepMind has released an AI agent that finds and fixes vulnerabilities in code without human intervention
CMMC and NIST Password Compliance 101: Are They Different?
See how CMMC and NIST password compliance align. Why it matters for DoD contractors, and how Enzoic helps block weak & compromised passwords.
The post CMMC and NIST Password Compliance 101: Are They Different? appeared first on Security Boulevard.