Aggregator

Officials said thousands of people, typically between 11 and 25 years old, are engaged in a growing and evolving online threat to commit crime for money, retaliation, ideology, sexual gratification and notoriety.

The post FBI alerts tie together threats of cybercrime, physical violence from The Com appeared first on CyberScoop.

A vulnerability was found in MedDream PACS Premium 7.3.5.860. It has been rated as problematic. This issue affects some unknown processing of the file radiationDoseReport.php. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2025-32731. The attack may be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Foobla Com Foobla Suggestions 1.5.1.2. This affects an unknown part of the file index.php. The manipulation of the argument controller leads to path traversal. This vulnerability is uniquely identified as CVE-2010-2920. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic has been found in DecryptWeb Com Dwgraphs 1.0. Affected is an unknown function of the file dwgraphs.php. The manipulation of the argument controller leads to path traversal. This vulnerability is traded as CVE-2010-1302. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Fabrikar Com Fabrikar 2.0 and classified as problematic. This issue affects some unknown processing of the file index.php. The manipulation of the argument controller leads to path traversal. The identification of this vulnerability is CVE-2010-1981. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Dionesoft Com Dioneformwizard 1.0.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument controller leads to path traversal. This vulnerability is known as CVE-2010-2045. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic has been found in Blueconstantmedia Com Djartgallery 0.9.1. This affects an unknown part of the file administrator/index.php. The manipulation of the argument cid[] leads to cross site scripting. This vulnerability is uniquely identified as CVE-2010-5042. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Kay Messerschmidt Com Eventcal 1.6.4 and classified as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument Itemid leads to sql injection. The identification of this vulnerability is CVE-2010-4993. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in Ekith Com Dcs Flashgames 2.0. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument catid leads to sql injection. This vulnerability is known as CVE-2010-1265. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Thefactory Com Blogfactory 1.1.2. It has been classified as problematic. This affects an unknown part of the file index.php. The manipulation of the argument controller leads to path traversal. This vulnerability is uniquely identified as CVE-2010-1955. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in Blueconstantmedia Com Djartgallery 0.9.1. This vulnerability affects unknown code of the file administrator/index.php. The manipulation of the argument cid[] leads to sql injection. This vulnerability was named CVE-2010-5043. The attack can be initiated remotely. Furthermore, there is an exploit available.

Scattered Spider has targeted VMware vSphere environments, exploiting retail, airline and insurance sectors

Сразу тридцать государств присоединились к негласному восстанию против Кремниевой долины.

Researchers in California contacted data brokers in their state to exercise their rights under the California Privacy Protection Act. Many didn’t reply, while others threw up barriers.

The post Hundreds of registered data brokers ignore user requests around personal data appeared first on CyberScoop.

Exposed API documentation is a gift-wrapped roadmap for threat actors. The free Autoswagger tool from Intruder scans for exposed docs and flags endpoints with broken access controls—before attackers find them. [...]

The rise of agentic AI means the battle of the machines is just beginning. To win, we'll need our own agents — human and machine — working together.

Russian authorities confirmed on Monday that ongoing Aeroflot flight disruptions are due to a cyberattack affecting the nation's largest carrier.

Russia’s Aeroflot, one of the world’s oldest airlines, has been left scrambling after pro-Ukraine hackers claimed to have “completely destroyed” the carrier’s internal IT infrastructure in a stealthy, year-long campaign. The groups, known as “Silent Crow” and Belarusian counterpart “Cyber Partisans BY,” said they gained deep-tier access to systems ranging from booking platforms to executive […]

The post Hackers Allegedly Destroyed Aeroflot Airlines’ IT Infrastructure in Year-Long Attack appeared first on Cyber Security News.