Aggregator
CVE-2025-10267 | NewType Infortech NUP Portal up to SP5.0 File Extension missing authentication (EUVD-2025-29037)
CVE-2025-10264 | Digiever DS-1200 exposure of sensitive system information to an unauthorized control sphere (EUVD-2025-29031)
EvilAI: Leveraging AI to Steal Browser Data and Evade Detection
EvilAI, a new malware family tracked by Trend™ Research, has emerged in recent weeks disguised as legitimate AI-driven utilities. These trojans sport professional user interfaces, valid code signatures, and functional features, allowing them to slip past both corporate and personal defenses undetected. Leveraging lightweight installers and AI-generated code, EvilAI rapidly establishes persistent footholds while masquerading […]
The post EvilAI: Leveraging AI to Steal Browser Data and Evade Detection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
CVE-2025-10266 | NewType Infortech NUP Portal up to SP5.0 sql injection (EUVD-2025-29038)
CVE-2025-10265 | Digiever DS-1200 os command injection (EUVD-2025-29039)
CVE-2025-6638 | huggingface transformers up to 4.52.x MarianTokenizer remove_language_code redos
CISA looks to partners to shore up the future of the CVE Program
The US Cybersecurity and Infrastructure Security Agency (CISA) has affirmed its continuing support for the Common Vulnerabilities and Exposures (CVE) program. “If we want to outpace and outmaneuver our adversaries, we must first ensure that defenders everywhere are operating from the same map. That’s what the CVE Program provides: a common lexicon of real, exploitable vulnerabilities,” Nick Andersen, Executive Assistant Director for Cybersecurity, stated on Thursday. “CISA has been – and will remain – committed … More →
The post CISA looks to partners to shore up the future of the CVE Program appeared first on Help Net Security.
CVE-2025-5994 | NLnet Labs Unbound up to 1.22.x DNS Transaction ID acceptance of extraneous untrusted data with trusted data (EUVD-2025-21730 / Nessus ID 242937)
CVE-2025-6032 | podman Machine Init Command certificate validation (EUVD-2025-19013 / Nessus ID 240490)
CVE-2025-21759 | Linux Kernel up to 6.6.78/6.12.15/6.13.3/6.14-rc2 mcast igmp6_send allocation of resources (Nessus ID 234058 / WID-SEC-2025-2043)
CVE-2023-49083 | pyca cryptography 41.0.2 PKCS7 Certificate null pointer dereference (Nessus ID 209185 / WID-SEC-2025-2043)
Akira
You must login to view this content
Квантовый вакуум оказался горячим. Физики зафиксировали тепло из ничего — и это может переписать теории
Akira
You must login to view this content
CVE-2023-6436 | Ekol Informatics Website Template up to 20231215 sql injection (EUVD-2023-58673)
CVE-2025-2488 | Profelis Informatics SambaBox up to 5.0 cross site scripting (EUVD-2025-13110)
CVE-2025-9784 | Red Hat Undertow HTTP/2 MadeYouReset denial of service (EUVD-2025-26388 / Nessus ID 261317)
CVE-2024-7557 | Red Hat OpenShift AI/OpenShift Data Science access control (EUVD-2024-48861)
Top 10 Best Breach and Attack Simulation (BAS) Tools in 2025
In 2025, the cybersecurity landscape is defined by its complexity and the speed of modern threats. Security teams are overwhelmed by a fragmented array of security controls and a lack of clear visibility into what’s actually working. Breach and Attack Simulation (BAS) platforms solve this problem by continuously and safely validating security defenses against real-world […]
The post Top 10 Best Breach and Attack Simulation (BAS) Tools in 2025 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.