Aggregator
Chinese Student Jailed for Smishing: Operated Covert “SMS Blaster” in Car for Mass Phishing
A major investigation into large-scale SMS fraud has concluded in London, culminating in the conviction of Chinese student Ruichen Xiong, who has been sentenced to over a year in prison for orchestrating an elaborate smishing...
The post Chinese Student Jailed for Smishing: Operated Covert “SMS Blaster” in Car for Mass Phishing appeared first on Penetration Testing Tools.
Forminator WordPress Plugin Flaw (CVE-2025-6463, CVSS 8.8): Unauthenticated Arbitrary File Deletion Leads to Site Takeover
A critical vulnerability has been discovered in the popular WordPress plugin Forminator, enabling unauthenticated attackers to arbitrarily delete files from a website. This flaw poses a significant threat, potentially allowing full compromise of targeted...
The post Forminator WordPress Plugin Flaw (CVE-2025-6463, CVSS 8.8): Unauthenticated Arbitrary File Deletion Leads to Site Takeover appeared first on Penetration Testing Tools.
如何调试Microsoft Defender for Endpoint (MDE) 发现 CVE 漏洞
Next.js Cache Poisoning Vulnerability Let Attackers Trigger DoS Condition
Key Takeaways1. Next.js versions 15.1.0-15.1.8 have a cache poisoning bug causing DoS attacks through blank page delivery.2. Needs affected Next.js version + ISR with cache revalidation + SSR with CDN caching 204 responses.3. Race condition allows HTTP 204 responses to be cached for static pages, serving empty content to all users.4. Update to Next.js 15.1.8+ […]
The post Next.js Cache Poisoning Vulnerability Let Attackers Trigger DoS Condition appeared first on Cyber Security News.