Aggregator

A vulnerability, which was classified as problematic, has been found in PHPGurukul Vehicle Record Management System 1.0. The impacted element is an unknown function of the file /admin/profile.php. The manipulation of the argument Name leads to cross site scripting. This vulnerability is referenced as CVE-2024-51222. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability classified as problematic was found in PHPGurukul Vehicle Record Management System 1.0. The affected element is an unknown function of the file /admin/edit-vehicle.php. Executing a manipulation of the argument vehiclename/modelnumber/regnumber/vehiclesubtype/chasisnum/enginenumber can lead to cross site scripting. The identification of this vulnerability is CVE-2024-51224. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as critical has been found in WWBN AVideo up to 26.0. Impacted is the function _session_start. Performing a manipulation of the argument PHPSESSID results in session fixiation. This vulnerability was named CVE-2026-33492. The attack may be initiated remotely. There is no available exploit. Applying a patch is the recommended action to fix this issue.

A vulnerability described as critical has been identified in WWBN AVideo up to 26.0. This issue affects the function realpath of the file objects/import.json.php of the component POST Parameter Handler. Such manipulation of the argument fileURI leads to path traversal. This vulnerability is uniquely identified as CVE-2026-33493. The attack can only be initiated within the local network. No exploit exists. It is advisable to implement a patch to correct this issue.

Threat Actors Claim Expanded BMW Breach With IDOR Exploit, Employee and Customer PII, and Data From Mazda, Toyota, Audi, Ford, and 32 Additional Automakers

Купили дешевую приставку — получили хакера в придачу.

Tycoon2FA phishing platform resumes activity post-takedown, leveraging AITM techniques to bypass MFA

A sophisticated macOS infostealer known as MioLab — also tracked as Nova — has emerged as one of the most advanced Malware-as-a-Service (MaaS) platforms targeting Apple users. Advertised on Russian-speaking underground forums, MioLab marks a shift in the threat landscape, proving macOS is no longer a low-risk target. As Apple’s market share grows among software […]

The post MacOS Stealer MioLab Adds ClickFix Delivery, Wallet Theft and Team API Tools appeared first on Cyber Security News.

2025 强网杯和强网拟态部分题解 by ourren

更多最新文章，请访问SecWiki

Alleged Breach of Allopneus Exposes 453K Customers and 739K Records From France's Leading Online Tire Retailer Spanning 2014 to 2026

A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran's time zone or have Farsi set as the default language.

A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran's time zone or have Farsi set as the default language.

CECbot是一款此前未被记录的、针对安卓电视盒的DDoS僵尸网络，是同运营者旗下Katana僵尸网络的继任者，二者共享基础设施但无任何代码重叠。 它以原生安卓应用而非传统Mirai类ELF二进制文件构建，采用Signal、WireGuard同款的Curve25519+Ed25519+ChaCha20-Poly1305加密体系保护C2通信，实现了9层持久化机制，内置11种DDoS攻击方式，支持HTTP/2与动态TLS。 这是目前已知首个在野武器化HDMI消费电子控制协议（CEC）的恶意软件，可让攻击者完全控制HDMI总线，包括让连接的电视休眠； 可通过自动化子网扫描与ARP关联映射受害设备所在的内网，将被攻陷的电视盒变为本地网络的侦察平台。 CECbot与Nokia长期跟踪的Katana僵尸网络（Mirai变种，至少3万肉鸡，峰值攻击流量达150Gbps）为同一运营者，核心关联证据包括： 全场景DDoS攻击：内置11种攻击模块，覆盖UDP、TCP、HTTP/HTTPS全场景，核心升级包括完整的HTTP/HTTPS七层攻击，支持HTTP/2、动态加载系统TLS库，可生成8种主流浏览器的真实指纹、内置660+合法Referer地址，同时覆盖游戏流量洪泛、TCP连接攻击、SYN洪泛、多协议攻击等场景。 住宅代理能力：可作为住宅代理节点使用，支持标准SOCKS5代理与NAT环境可用的反向代理，支持按IP地理路由流量，架构与商业住宅代理SDK完全一致。 检测到安卓电视设备后，会执行启动器劫持（替换默认桌面，用户仅能看到黑屏）、SELinux绕过、OTA更新破坏（禁用6家芯片厂商的OTA服务，永久屏蔽固件升级）、安装包验证绕过等操作，实现对设备的完全控制。 CEC是HDMI接口内置的消费电子控制协议，可让连接设备互相发送开关机、切输入、调音量等控制指令，几乎所有近15年生产的电视都支持该协议。CECbot是首个有公开记录的在野利用该协议的恶意软件。 可以同时发送安卓电源键与CEC待机指令，让连接的电视休眠。 扫描HDMI总线上的所有连接设备，确认电视是否在线 可发送原生CEC指令，实现唤醒电视、劫持HDMI输入、在电视屏幕显示文字、模拟遥控器按键、控制音响等所有能力。 获取屏幕DPI、刷新率、HDR能力等信息。 该能力配合启动器劫持，可让用户误以为电视处于关机状态，大幅延迟恶意程序被发现的时间。 该能力可将被攻陷的电视盒变为内网渗透的支点，不仅针对家庭网络，在医院、企业等办公环境中风险极高。 细节: https://github.com/deepfield/public-research/blob/main/cecbot/report.md

High tech was the most frequently targeted industry in Mandiant investigations in 2025, overtaking financial services which led in 2023 and 2024

Госдума готовит поправки об отключении международных вызовов для абонентов старше 60 лет.

四川警察学院联合成都欧深特信息科技有限公司在成都校区（成都市双流区黄水镇云岭路36号）举办开源情报分析师实战能力培训班，第2期培训班定于2026年4月26日至5月1日举行。

2026年3月9日锡特拉岛马哈扎地区发生爆炸，造成数十名平民受伤和房屋损毁。根据商业卫星图像，结合网上视频拍摄的导弹飞行轨迹，可找到美国爱国者导弹发射阵地，该阵地距离在里法拍摄导弹飞行视频的地点不到半英里。

A semiconductor testing company warned regulators that its subsidiary in Singapore suffered a ransomware attack earlier this month.

Alleged Breach of Chile's Servicio Civil Platform Exposes 110K Public Servant Records With Full Names and User IDs