Aggregator

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/login.php of the component Admin Login. The manipulation of the argument username/password leads to sql injection. This vulnerability is uniquely identified as CVE-2024-9035. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #411220 / VDB-278207

Submit #411216 / VDB-278205

A vulnerability was found in Kravchuk and classified as critical. Affected by this issue is some unknown functionality of the file unsubs.php. The manipulation of the argument scdir leads to Remote Code Execution. This vulnerability is handled as CVE-2007-3118. The attack may be launched remotely. Furthermore, there is an exploit available.

Компания подняла планку для всех вымогателей, установив новый рекорд.

Opnova announced its official launch, introducing an agentic AI platform designed to close the automation gap in complex operational workflows. Backed by $3.75 million in pre-seed funding co-led by Faber, ScaleX, and Preface Ventures, Opnova is set to redefine IT operations by addressing the challenges posed by rework—the time spent on repetitive, mundane, yet essential tasks. Operations teams are the backbone of every business, but the weight of repetitive tasks can seriously impact efficiency and … More →

The post Opnova emerges from stealth with $3.75 million in funding appeared first on Help Net Security.

Also: A Phishing Network Takedown, Another Ivanti Critical Flaw and Meta Bans RT
Munich Re said it can't insure cyberwar, it was Rhysida that hit the Seattle airport, Meta banned RT, Ivanti disclosed a flaw, hackers exploited construction software, AT&T settled with FCC, Transport of London is checking users, web servers pose big risk, and police disrupted a phishing network.

Microsoft Says Russia-Linked Cyber Actors Are Supporting Trump by Attacking Harris
Microsoft warned the Kremlin is targeting the 2024 presidential election campaign of Vice President Kamala Harris with its wide-ranging election interference operations. Russian groups likely aligned with the Kremlin have shifted their focus to the Harris campaign in recent months.

Riverwood Capital Leads Investment in Security Validation Firm to Grow in Americas
Picus Security has received $45 million in funding led by Riverwood Capital. The investment will accelerate product development in exposure management, including attack surface management and automated pen testing. The company plans to expand further in the Americas, targeting key growth areas.

German Law Enforcement Reportedly Deanonymized Tor User in 2021
The Tor Project on Wednesday reassured users that they will remain anonymous after media reported that German police successfully used Tor to trace the alleged administrator of a child pornography site. Tor users can continue to use the browser "securely" and the "Tor Network is healthy," it said.

The bank giant and Quantinuum trialed the first application of quantum-secure technology for buying and selling tokenized physical gold

分享独立开发、产品变现相关内容，每周五发布。目录1、aiapply: 用AI 自动化找工作2、【增长】：SEO 有效的增长策略3、【粉丝自荐】Paint Board: 一款功能强大的 WEB 端创意画

青藤，让云更安全

A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument username leads to sql injection. This vulnerability is handled as CVE-2024-9034. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability has been found in SourceCodester Best House Rental Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=save_category. The manipulation of the argument name leads to cross site scripting. This vulnerability is known as CVE-2024-9033. The attack can be launched remotely. Furthermore, there is an exploit available.

Hertz, a well-known car rental company, has inadvertently exposed over 60,000 insurance claim reports. This breach has raised serious concerns about the company’s data security practices and left customers questioning the safety of their personal information. Discovery of the Breach The breach came to light when a customer received an unexpected email from Hertz regarding […]

The post Hertz Car Rental Platform Leaks 60,000 Insurance Claim Reports appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Submit #411119 / VDB-278204

Submit #410977 / VDB-278203