Fashion giant Chanel hit in wave of Salesforce data theft attacks
French fashion giant Chanel is the latest company to suffer a data breach in an ongoing wave of Salesforce data theft attacks. [...]
Aggregator
NVIDIA Patches Critical RCE Vulnerability Chain
8 months 3 weeks ago
The flaws in the company's Triton Inference Server enables model theft, data leaks, and response manipulation.
Jai Vijayan, Contributing Writer
TeamXXX
8 months 3 weeks ago
You must login to view this content
cohenido
PXA Stealer Distributed via Telegram Harvests 200K Passwords and Credit Card Data
8 months 3 weeks ago
SentinelLABS and Beazley Security have uncovered a sophisticated infostealer campaign deploying the Python-based PXA Stealer, which has rapidly evolved since late 2024 to incorporate advanced anti-analysis techniques, decoy content, and hardened command-and-control (C2) infrastructure. This operation, linked to Vietnamese-speaking cybercriminal networks, leverages Telegram’s API for automated data exfiltration and monetization, feeding into underground marketplaces like […]
The post PXA Stealer Distributed via Telegram Harvests 200K Passwords and Credit Card Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
Blaugust 2025 Reflections #1
8 months 3 weeks ago
作者分享了通过 RSS 阅读的各类博客文章,包括每周笔记、学习方法、对话中的性别差异、授人以鱼不如授人以渔的观点、花园收获以及音乐推荐等内容。
AI company Perplexity is sneaking to get around blocks on crawlers, Cloudflare alleges
8 months 3 weeks ago
Cloudflare said it received complaints from customers about Perplexity using stealthy tactics to evade network blocks against systematic browsing and scraping of web pages.
The post AI company Perplexity is sneaking to get around blocks on crawlers, Cloudflare alleges appeared first on CyberScoop.
Tim Starks
CISA & FEMA Announce $100M+ in Community Cybersecurity Grants
8 months 3 weeks ago
The grants are intended to help states, tribes, and localities enhance their cybersecurity resilience by providing them with monetary resources to reduce risks and implement new procedures.
Kristina Beek
CVE-2024-29238 | Synology Surveillance Station prior 9.2.0-9289/9.2.0-11289 WebAPI Log.CountByCategory sql injection (SA_24_04)
8 months 3 weeks ago
A vulnerability classified as critical was found in Synology Surveillance Station. Affected by this vulnerability is the function Log.CountByCategory of the component WebAPI. The manipulation leads to sql injection.
This vulnerability is known as CVE-2024-29238. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-29239 | Synology Surveillance Station prior 9.2.0-9289/9.2.0-11289 WebAPI Recording.CountByCategory sql injection (SA_24_04)
8 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in Synology Surveillance Station. Affected by this issue is the function Recording.CountByCategory of the component WebAPI. The manipulation leads to sql injection.
This vulnerability is handled as CVE-2024-29239. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-29240 | Synology Surveillance Station prior 9.2.0-9289/9.2.0-11289 WebAPI LayoutSave authorization (SA_24_04)
8 months 3 weeks ago
A vulnerability, which was classified as problematic, was found in Synology Surveillance Station. This affects the function LayoutSave of the component WebAPI. The manipulation leads to missing authorization.
This vulnerability is uniquely identified as CVE-2024-29240. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-53279 | Synology Router Manager up to 1.3.1-9346-9 cross site scripting (SA_24_09)
8 months 3 weeks ago
A vulnerability was found in Synology Router Manager. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting.
This vulnerability is traded as CVE-2024-53279. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-53280 | Synology Router Manager up to 1.3.1-9346-9 cross site scripting (SA_24_09)
8 months 3 weeks ago
A vulnerability was found in Synology Router Manager. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting.
This vulnerability is known as CVE-2024-53280. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-53281 | Synology Router Manager up to 1.3.1-9346-9 cross site scripting (SA_24_09)
8 months 3 weeks ago
A vulnerability was found in Synology Router Manager. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting.
This vulnerability is handled as CVE-2024-53281. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-53282 | Synology Router Manager up to 1.3.1-9346-9 WiFi Connect MAC Filter cross site scripting (SA_24_09)
8 months 3 weeks ago
A vulnerability classified as problematic has been found in Synology Router Manager. This affects an unknown part of the component WiFi Connect MAC Filter. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2024-53282. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-53283 | Synology Router Manager up to 1.3.1-9346-9 Router Port Forward cross site scripting (SA_24_09)
8 months 3 weeks ago
A vulnerability classified as problematic was found in Synology Router Manager. This vulnerability affects unknown code of the component Router Port Forward. The manipulation leads to cross site scripting.
This vulnerability was named CVE-2024-53283. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-53284 | Synology Router Manager up to 1.3.1-9346-9 WiFi Connect Setting cross site scripting (SA_24_09)
8 months 3 weeks ago
A vulnerability was found in Synology Router Manager. It has been declared as problematic. This vulnerability affects unknown code of the component WiFi Connect Setting. The manipulation leads to cross site scripting.
This vulnerability was named CVE-2024-53284. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-5463 | Synology Camera 1.0.7-0298 Login Service buffer overflow (SA_24_07)
8 months 3 weeks ago
A vulnerability has been found in Synology Camera 1.0.7-0298 and classified as critical. This vulnerability affects unknown code of the component Login Service. The manipulation leads to buffer overflow.
This vulnerability was named CVE-2024-5463. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CNCERT Accuses U.S. Intelligence of Cyberattacks on Chinese Military-Industrial Targets
8 months 3 weeks ago
China’s National Computer Network Emergency Response Technical Team/Coordination Center (CNCERT) has publicly accused U.S. intelligence agencies of orchestrating sophisticated cyberattacks against key military-industrial entities, building on the 2022 NSA breach at Northwestern Polytechnical University. The revelations detail two emblematic incidents that underscore the persistent targeting of China’s defense sector through advanced persistent threats (APTs). The […]
The post CNCERT Accuses U.S. Intelligence of Cyberattacks on Chinese Military-Industrial Targets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
SonicWall urges customers to take VPN devices offline after ransomware campaign
8 months 3 weeks ago
Multiple cybersecurity incident response firms are warning about the possibility that a zero-day vulnerability in some SonicWall devices is allowing ransomware attacks.
CVE-2024-29230 | Synology Surveillance Station prior 9.2.0-9289/9.2.0-11289 WebAPI SnapShot.CountByCategory sql injection (SA_24_04)
8 months 3 weeks ago
A vulnerability was found in Synology Surveillance Station. It has been rated as critical. Affected by this issue is the function SnapShot.CountByCategory of the component WebAPI. The manipulation leads to sql injection.
This vulnerability is handled as CVE-2024-29230. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com