Aggregator

CVE-2025-53014 | ImageMagick up to 6.9.13-25/7.1.1 InterpretImageFilename out-of-bounds (GHSA-hm4x-r5hc-794f / EUVD-2025-21380)

VulDB Recent Entries
7 months 1 week ago
A vulnerability has been found in ImageMagick up to 6.9.13-25/7.1.1 and classified as problematic. Affected by this vulnerability is the function InterpretImageFilename. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2025-53014. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-52363 | Tenda CP3 Pro 22.5.4.93 /etc/passwd weak password hash (EUVD-2025-21383)

VulDB Recent Entries
7 months 1 week ago
A vulnerability, which was classified as problematic, was found in Tenda CP3 Pro 22.5.4.93. Affected is an unknown function of the file /etc/passwd. The manipulation leads to password hash with insufficient computational effort. This vulnerability is traded as CVE-2025-52363. It is possible to launch the attack on the local host. There is no exploit available.
vuldb.com

New MITRE framework takes aim at crypto threats

Help Net Security
7 months 1 week ago

MITRE has introduced AADAPT (Adversarial Actions in Digital Asset Payment Technologies), a new cybersecurity framework designed to tackle vulnerabilities in digital financial ecosystems, including cryptocurrency platforms. Modeled after the MITRE ATT&CK framework, AADAPT offers developers, policymakers, and financial institutions a structured approach to identifying, analyzing, and mitigating threats tied to digital asset payment technologies. Drawing on insights from over 150 sources across government, industry, and academia, the framework maps adversarial tactics, techniques, and procedures (TTPs) … More →

The post New MITRE framework takes aim at crypto threats appeared first on Help Net Security.

Industry News

Interlock ransomware group deploys new PHP-based RAT via FileFix

Security Affairs
7 months 1 week ago
Interlock ransomware group deploys new PHP-based RAT via FileFix (a ClickFix variant) in a widespread campaign targeting multiple industries. The Interlock ransomware group is deploying a new PHP-based variant of the Interlock RAT in a broad campaign. According to researchers from the DFIR Report, in partnership with Proofpoint, it uses a delivery method known as FileFix, […]
Pierluigi Paganini

Managed ad