Aggregator

INC

Dark Feed IO
6 months 1 week ago

You must login to view this content

cohenido

Millions of Dell laptops could be persistently backdoored in ReVault attacks

Help Net Security
6 months 1 week ago

A set of firmware vulnerabilities affecting 100+ Dell laptop models widely used in government settings and by the cybersecurity industry could allow attackers to achieve persistent access even across Windows reinstalls, Cisco Talos researchers have discovered. About the vulnerabilities Most of the flaws reside in the firmware for ControlVault3 and ControlVault3+, which are hardware security components that store passwords, biometric templates, and security codes. The lists includes: Two out-of-bounds vulnerabilities (CVE-2025-24311, CVE-2025-25050) An arbitrary free … More →

The post Millions of Dell laptops could be persistently backdoored in ReVault attacks appeared first on Help Net Security.

Zeljka Zorz

U.S. Treasury Warns Crypto ATMs Are Aiding Criminal Activity

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
6 months 1 week ago

The U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) has issued Notice FIN-2025-NTC1, dated August 4, 2025, warning financial institutions about the growing risks associated with convertible virtual currency (CVC) kiosks, also known as cryptocurrency automated teller machines (ATMs), in a major step to strengthen AML and countering the financing of terrorism (CFT) […]

The post U.S. Treasury Warns Crypto ATMs Are Aiding Criminal Activity appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

Zero Day Quest returns: Microsoft ups the stakes with $5M bug bounty

Security Affairs
6 months 1 week ago
Microsoft offers up to $5M for Zero Day Quest 2026 bug hacking contest; top researchers join live hacking event after fall 2025 submissions. Microsoft is bringing back its live hacking contest, Zero Day Quest, in spring 2026, and this time, it’s offering up to $5 million in rewards. The competition will spotlight researchers who uncover serious […]
Pierluigi Paganini

Cisco User Data Stolen in Vishing Attack

darkreading
6 months 1 week ago
The networking giant said this week that an employee suffered a voice phishing attack that resulted in the compromise of select user data, including email addresses and phone numbers.
Alexander Culafi

CVE-2025-7498 | Exclusive Addons for Elementor Plugin 2.7.9.4 on WordPress Countdown Widget cross site scripting

VulDB Recent Entries
6 months 1 week ago
A vulnerability has been found in Exclusive Addons for Elementor Plugin 2.7.9.4 on WordPress and classified as problematic. This vulnerability affects unknown code of the component Countdown Widget. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-7498. The attack can be initiated remotely. There is no exploit available.
vuldb.com

CVE-2025-8100 | Element Pack Elementor Addons and Templates Plugin Open Street Map Widget Marker cross site scripting

VulDB Recent Entries
6 months 1 week ago
A vulnerability, which was classified as problematic, was found in Element Pack Elementor Addons and Templates Plugin up to 8.1.5 on WordPress. This affects an unknown part of the component Open Street Map Widget Marker. The manipulation of the argument marker_content leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-8100. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2025-6994 | Reveal Listing Plugin up to 3.3 on WordPress listing_user_role Remote Code Execution

VulDB Recent Entries
6 months 1 week ago
A vulnerability, which was classified as critical, has been found in Reveal Listing Plugin up to 3.3 on WordPress. Affected by this issue is some unknown functionality. The manipulation of the argument listing_user_role leads to Remote Code Execution. This vulnerability is handled as CVE-2025-6994. The attack may be launched remotely. There is no exploit available.
vuldb.com

Managed ad