Aggregator

1.Qilin勒索团伙公布了新的受害公司 2.Play勒索团伙公布了新的受害者 3.INC Ransom团伙公布新的受害公司

Браузер, который не знает о вас ничего, теперь знает всё о мошенниках.

本文约4029字，预计阅读时间12分钟。2025年6月11日普老板在克里姆林宫举行会议，审查2027-2036年俄国家军备计划草案的主要参数。

A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /add_reserve.php. The manipulation of the argument firstname leads to sql injection. This vulnerability is known as CVE-2025-6394. The attack can be launched remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

A vulnerability was found in TOTOLINK A702R, A3002R, A3002RU and EX1200T 3.0.0-B20230809.1615/4.0.0-B20230531.1404/4.0.0-B20230721.1521/4.1.2cu.5232_B20210713. It has been classified as critical. Affected is an unknown function of the file /boafrm/formIPv6Addr of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. This vulnerability is traded as CVE-2025-6393. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Cold email still works in 2025—but only if done right. Learn best practices, deliverability tips, and how to secure your domain for real results.

The post Is Cold Email Still Effective in 2025? Best Practices for Outreach and Security appeared first on Security Boulevard.

Submit #597662 / VDB-313387

Submit #597637 / VDB-214699

Submit #597591 / VDB-313386

Submit #597592 / VDB-313386

Submit #597566 / VDB-313386

Submit #597565 / VDB-313386

A vulnerability was found in Bitwarden up to 2.25.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component PDF File Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-5138. The attack can be launched remotely. Furthermore, there is an exploit available. The real existence of this vulnerability is still doubted at the moment. The vendor was contacted early about this disclosure but did not respond in any way.

95% of C-suite leaders say that GenAI is driving a new level of innovation in their organizations, according to NTT DATA. While CEOs and business leaders are committed to GenAI adoption, CISOs and operational leaders lack the necessary guidance, clarity and resources to address security risks and infrastructure challenges associated with deployment. The C-Suite disconnect 99% of C-Suite executives are planning further GenAI investments over the next two years, with 67% of CEOs planning significant … More →

The post CISOs flag gaps in GenAI strategy, skills, and infrastructure appeared first on Help Net Security.

Ни одного файла, ни одного следа — а все ваши пароли уже в чьём-то Telegram-канале.

A vulnerability was found in Apple iOS up to 10.3.2 and classified as critical. This issue affects some unknown processing of the component libxpc. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2017-7047. Local access is required to approach this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Even security teams, the ones responsible for protecting the business, are adding to AI-related risk. A new survey by AI security company Mindgard, based on responses from over 500 cybersecurity professionals at RSAC 2025 Conference and Infosecurity Europe 2025, found that many security staff are using AI tools on the job without approval. Al tools usage by security teams (Source: Mindgard) This growing use of unapproved AI, often called shadow AI, is becoming a major … More →

The post Who’s guarding the AI? Even security teams are bypassing oversight appeared first on Help Net Security.

A vulnerability has been found in CloudClassroom-PHP-Project 1.0 and classified as critical. This vulnerability affects unknown code of the component registrationform. The manipulation of the argument pass leads to sql injection. This vulnerability was named CVE-2025-45542. The attack can be initiated remotely. Furthermore, there is an exploit available.

Мошенники потратят на вас время, но останутся с носом. Теперь ваш голос для них — загадка.

A vulnerability was found in RBX Gallery 2.1. It has been rated as very critical. This issue affects some unknown processing of the file uploader.php of the component File Upload. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2012-3575. The attack may be initiated remotely. Furthermore, there is an exploit available.