Aggregator

Zimbra Classic Web Client Vulnerability Allows Arbitrary JavaScript Execution

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
10 months 3 weeks ago

A critical security flaw has been discovered and patched in the Zimbra Collaboration Suite (ZCS) Classic Web Client, exposing millions of business users to the risk of arbitrary JavaScript execution through stored cross-site scripting (XSS). Tracked as CVE-2025-27915, this vulnerability affects ZCS versions 9.0, 10.0, and 10.1 prior to the latest patch releases, and is […]

The post Zimbra Classic Web Client Vulnerability Allows Arbitrary JavaScript Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

How to Spot Registry Abuse by Malware: Examples in ANY.RUN Sandbox 

Anyrun
10 months 3 weeks ago

When malware infiltrates a system, it doesn’t always make noise. In fact, some of the most dangerous threats operate quietly embedding themselves deep within the system and ensuring they come back even after a reboot. One of the most common ways they achieve this is by abusing the Windows Registry.  In this article, we’ll walk […]

The post How to Spot Registry Abuse by Malware: Examples in ANY.RUN Sandbox  appeared first on ANY.RUN's Cybersecurity Blog.

ANY.RUN

Russia-linked APT28 use Signal chats to target Ukraine official with malware

Security Affairs
10 months 3 weeks ago
Russia-linked group APT28 uses Signal chats as an attack vector to phish Ukrainian officials with new malware strains. Russia-linked cyberespionage group APT28 is targeting Ukrainian government officials using Signal chats to deliver two new types of malware, tracked as BeardShell and SlimAgent. While Signal itself remains secure, attackers are exploiting its growing popularity in official […]
Pierluigi Paganini

Pro-Iranian Hacktivists Targeting US Networks Department of Homeland Security Warns

Cyber Security News
10 months 3 weeks ago

The Department of Homeland Security has issued a critical advisory warning of escalating cyber threats from pro-Iranian hacktivist groups targeting United States networks, as tensions between Iran and the US reach a dangerous new peak following recent military exchanges. The warning comes in the aftermath of Iran’s Islamic Revolutionary Guard Corps firing missiles at US […]

The post Pro-Iranian Hacktivists Targeting US Networks Department of Homeland Security Warns appeared first on Cyber Security News.

Tushar Subhra Dutta

CVE-2025-39204 | Hitachi Energy MicroSCADA X SYS600 up to 10.6 Web Interface information disclosure (EUVD-2025-19015)

VulDB Recent Entries
10 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in Hitachi Energy MicroSCADA X SYS600 up to 10.6. This issue affects some unknown processing of the component Web Interface. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2025-39204. The attack may be initiated remotely. There is no exploit available.
vuldb.com

CVE-2025-39201 | Hitachi Energy MicroSCADA X SYS600 up to 10.6 Notify Service default permission (EUVD-2025-19004)

VulDB Recent Entries
10 months 3 weeks ago
A vulnerability classified as critical was found in Hitachi Energy MicroSCADA X SYS600 up to 10.6. This vulnerability affects unknown code of the component Notify Service. The manipulation leads to incorrect default permissions. This vulnerability was named CVE-2025-39201. The attack needs to be approached locally. There is no exploit available.
vuldb.com

CVE-2025-1718 | Hitachi Energy Relion 670/650 and SAM600-IO up to 2.2.6.3 unusual condition

VulDB Recent Entries
10 months 3 weeks ago
A vulnerability classified as critical has been found in Hitachi Energy Relion 670 and 650 and SAM600-IO up to 2.2.6.3. This affects an unknown part. The manipulation leads to improper check for unusual conditions. This vulnerability is uniquely identified as CVE-2025-1718. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-3092 | Helmholz/MB connect line myREX24/myREX24.virtual/mbCONNECT24/mymbCONNECT24 observable response discrepancy (VDE-2025-035 / EUVD-2025-19011)

VulDB Recent Entries
10 months 3 weeks ago
A vulnerability was found in Helmholz/MB connect line myREX24, myREX24.virtual, mbCONNECT24 and mymbCONNECT24. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to observable response discrepancy. This vulnerability is handled as CVE-2025-3092. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-3091 | MB connect line/Helmholz mbCONNECT24/mymbCONNECT24/myREX24/myREX24.virtual prior 2.16.5 authorization (VDE-2025-035 / EUVD-2025-19010)

VulDB Recent Entries
10 months 3 weeks ago
A vulnerability was found in MB connect line/Helmholz mbCONNECT24, mymbCONNECT24, myREX24 and myREX24.virtual. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to authorization bypass. This vulnerability is known as CVE-2025-3091. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-39202 | Hitachi Energy MicroSCADA X SYS600 up to 10.6 Monitor Pro Interface privileges management (EUVD-2025-19003)

VulDB Recent Entries
10 months 3 weeks ago
A vulnerability was found in Hitachi Energy MicroSCADA X SYS600 up to 10.6. It has been classified as critical. Affected is an unknown function of the component Monitor Pro Interface. The manipulation leads to improper privilege management. This vulnerability is traded as CVE-2025-39202. An attack has to be approached locally. There is no exploit available.
vuldb.com

CVE-2025-2403 | Hitachi Energy Relion 670/650 and SAM600-IO 2.2.2.6/2.2.3.7/2.2.4.4/2.2.5.6/2.2.6.2 Line Distance Communication Module allocation of resources (EUVD-2025-19005)

VulDB Recent Entries
10 months 3 weeks ago
A vulnerability was found in Hitachi Energy Relion 670 and 650 and SAM600-IO 2.2.2.6/2.2.3.7/2.2.4.4/2.2.5.6/2.2.6.2 and classified as critical. This issue affects some unknown processing of the component Line Distance Communication Module. The manipulation leads to allocation of resources. The identification of this vulnerability is CVE-2025-2403. The attack may be initiated remotely. There is no exploit available.
vuldb.com

CVE-2025-39203 | Hitachi Energy MicroSCADA X SYS600 up to 10.6 IEC 61850 integrity check (EUVD-2025-19002)

VulDB Recent Entries
10 months 3 weeks ago
A vulnerability has been found in Hitachi Energy MicroSCADA X SYS600 up to 10.6 and classified as critical. This vulnerability affects unknown code of the component IEC 61850. The manipulation leads to improper validation of integrity check value. This vulnerability was named CVE-2025-39203. The attack can be initiated remotely. There is no exploit available.
vuldb.com

The Security Fallout of Cyberattacks on Government Agencies

Security Boulevard
10 months 3 weeks ago

Cyberattacks against government agencies are escalating at an alarming pace. From state departments to small municipal offices, public sector organizations have become prime targets for ransomware, credential theft, and increasingly sophisticated supply chain attacks. What once were isolated breaches have evolved into systemic risks threatening public safety, economic stability, and national security. Behind this surge […]

The post The Security Fallout of Cyberattacks on Government Agencies appeared first on Security Boulevard.

Enzoic

Akira

Dark Feed IO
10 months 3 weeks ago

You must login to view this content

cohenido

Managed ad