Safepay
You must login to view this content
Aggregator
Safepay
11 months ago
You must login to view this content
cohenido
Safepay
11 months ago
You must login to view this content
cohenido
Safepay
11 months ago
You must login to view this content
cohenido
Safepay
11 months ago
You must login to view this content
cohenido
Oracle Fixes Critical Bug in Cloud Code Editor
11 months ago
The bug allowed an attacker an easy way to compromise a full suite of developer tools in Oracle Cloud Infrastructure.
Jai Vijayan, Contributing Writer
ISC2 Finds Orgs Are Increasingly Leaning on AI
11 months ago
While many organizations are eagerly integrating AI into their workflows and cybersecurity practices, some remain undecided and even concerned about potential drawbacks of AI deployment.
Kristina Beek
Ryuk ransomware operator extradited to US, faces five years in federal prison
11 months ago
Karen Vardanyan and his co-conspirators allegedly deployed ransomware on hundreds of machines in 2019 and 2020, extorting more than $15 million from victims at the time.
The post Ryuk ransomware operator extradited to US, faces five years in federal prison appeared first on CyberScoop.
Matt Kapko
Threat Actors Weaponize WordPress Websites to Redirect Visitors to Malicious Websites
11 months ago
Cybersecurity researchers have uncovered a sophisticated malware campaign targeting WordPress websites through an ingenious ZIP archive-based attack mechanism. The malware, first reported in July 2025, represents a significant evolution in web-based threats, utilizing advanced obfuscation techniques and stealthy persistence methods to redirect unsuspecting visitors to malicious domains while simultaneously conducting search engine optimization poisoning operations. […]
The post Threat Actors Weaponize WordPress Websites to Redirect Visitors to Malicious Websites appeared first on Cyber Security News.
Tushar Subhra Dutta
U.S. Army soldier pleads guilty to extorting 10 tech, telecom firms
11 months ago
A 21-year old former U.S. Army soldier pleaded guilty to charges of hacking and extorting at least ten telecommunications and technology companies in the country. [...]
Bill Toulas
Welcoming Aura to Have I Been Pwned's Partner Program
11 months ago
One of the greatest fears we all have in the wake of a data breach is having our identity stolen. Nefarious parties gather our personal information exposed in the breach, approach financial institutions and then impersonate us to do stuff like this:
So I recently somewhat had my identity stolen,Troy Hunt
House hearing will use Stuxnet to search for novel ways to confront OT cyberthreats
11 months ago
The House Homeland Committee will revisit the malware to use the knowledge from the spy effort to explore the domestic threats facing the U.S. in 2025.
The post House hearing will use Stuxnet to search for novel ways to confront OT cyberthreats appeared first on CyberScoop.
djohnson
Elite 'Matanbuchus 3.0' Loader Spruces Up Ransomware Infections
11 months ago
An upgraded cybercrime tool is designed to make targeted ransomware attacks as easy and effective as possible, with features like EDR-spotting and DNS-based C2 communication.
Nate Nelson, Contributing Writer
CVE-2025-6982 | TP-Link Archer C50 V3/Archer C50 V4/Archer C50 V5 hard-coded credentials
11 months ago
A vulnerability has been found in TP-Link Archer C50 V3, Archer C50 V4 and Archer C50 V5 and classified as critical. This vulnerability affects unknown code. The manipulation leads to hard-coded credentials. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability was named CVE-2025-6982. Access to the local network is required for this attack to succeed. There is no exploit available.
vuldb.com
CVE-2025-6983 | TP-Link Archer C1200 up to 1.1.5 Web Management Page ui layer (EUVD-2025-21737)
11 months ago
A vulnerability, which was classified as problematic, was found in TP-Link Archer C1200 up to 1.1.5. This affects an unknown part of the component Web Management Page. The manipulation leads to improper restriction of rendered ui layers. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability is uniquely identified as CVE-2025-6983. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-53908 | rommapp romm up to 3.10.2/4.0.0-beta2 /api/raw path traversal (GHSA-fx9g-xw4j-jwc3)
11 months ago
A vulnerability, which was classified as problematic, has been found in rommapp romm up to 3.10.2/4.0.0-beta2. Affected by this issue is some unknown functionality of the file /api/raw. The manipulation leads to path traversal: '/dir/../filename'.
This vulnerability is handled as CVE-2025-53908. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-7729 | Scada-LTS up to 2.7.8.1 usersProfiles.shtm Username cross site scripting
11 months ago
A vulnerability classified as problematic was found in Scada-LTS up to 2.7.8.1. Affected by this vulnerability is an unknown functionality of the file usersProfiles.shtm. The manipulation of the argument Username leads to cross site scripting.
This vulnerability is known as CVE-2025-7729. The attack can be launched remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this issue and confirmed that it will be fixed in the upcoming release 2.8.0.
vuldb.com
CVE-2025-7728 | Scada-LTS up to 2.7.8.1 users.shtm Username cross site scripting
11 months ago
A vulnerability classified as problematic has been found in Scada-LTS up to 2.7.8.1. Affected is an unknown function of the file users.shtm. The manipulation of the argument Username leads to cross site scripting.
This vulnerability is traded as CVE-2025-7728. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this issue and confirmed that it will be fixed in the upcoming release 2.8.0.
vuldb.com
Submit #607950: SCADA-LTS 2.7.8.1 Cross Site Scripting [Accepted]
11 months ago
Submit #607950 / VDB-316711
nmmorette
Submit #607949: SCADA-LTS 2.7.8.1 Cross Site Scripting [Accepted]
11 months ago
Submit #607949 / VDB-316710
nmmorette