Aggregator

A vulnerability has been found in Arteche saTECH BCU 2.1.3 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to information disclosure. This vulnerability is known as CVE-2025-2860. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability, which was classified as critical, was found in Arteche saTECH BCU 2.1.3. Affected is an unknown function. The manipulation leads to improper authentication. This vulnerability is traded as CVE-2025-2859. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Arteche saTECH BCU 2.1.3. This issue affects some unknown processing of the component CLI. The manipulation leads to improper privilege management. The identification of this vulnerability is CVE-2025-2858. Attacking locally is a requirement. There is no exploit available.

A vulnerability classified as problematic was found in Arteche saTECH BCU 2.1.3. This vulnerability affects unknown code of the component HTTP Protocol Handler. The manipulation leads to cleartext transmission of sensitive information. This vulnerability was named CVE-2025-2861. The attack can be initiated remotely. There is no exploit available.

Elastic Security Labs has uncovered a sophisticated malware campaign, dubbed REF8685, targeting the Iraqi telecommunications sector. The campaign utilizes a novel malware family called SHELBY, which abuses GitHub for command-and-control (C2) operations, data exfiltration, and command retrieval. Novel Malware Family Targets Iraqi Telecommunications Sector The SHELBY malware family consists of two main components: SHELBYLOADER and […]

The post SHELBY Malware Steals Data by Abusing GitHub as Command-and-Control Server appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability classified as problematic has been found in IBM PowerVM Hypervisor up to FW1050.30/FW1060.20. This affects an unknown part of the component Linux Processor Combability Mode. The manipulation leads to highly compressed data. This vulnerability is uniquely identified as CVE-2025-0986. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

Как Shadow IT стало незаметной нормой — и что с этим делать.

A vulnerability was found in Fermax DuoxMe App up to 3.3.0 on iOS. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cleartext storage of sensitive information. This vulnerability is handled as CVE-2025-2909. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Fermax MeetMe. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Authentication Service. The manipulation leads to observable response discrepancy. This vulnerability is known as CVE-2025-2910. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Fermax MeetMe. It has been classified as problematic. Affected is an unknown function. The manipulation leads to improper restriction of excessive authentication attempts. This vulnerability is traded as CVE-2025-2911. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Streamsoft Prestiż up to 18.2.376 and classified as problematic. This issue affects some unknown processing. The manipulation leads to weak encoding for password. The identification of this vulnerability is CVE-2024-7407. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Cybersecurity researchers have disclosed 46 new security flaws in products from three solar power system vendors, Sungrow, Growatt, and SMA, that could be exploited by a bad actor to seize control of devices or execute code remotely, posing severe risks to electrical grids.  The vulnerabilities have been collectively codenamed SUN:DOWN by Forescout Vedere Labs. "The new vulnerabilities can

A vulnerability has been found in Streamsoft Prestiż and classified as critical. This vulnerability affects unknown code. The manipulation of the argument Multiple leads to sql injection. This vulnerability was named CVE-2024-11504. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Monetization is the most pressing challenge in the industry—for operators and for most ecosystem players—but also a stubbornly elusive target. Network capacity and coverage have expanded significantly, supporting a sustained increase in traffic and subscribership. Over 70% of people worldwide have mobile connectivity...

In today’s evolving digital landscape, cyber threats are becoming increasingly sophisticated, targeting organizations of all sizes. Traditional security measures struggle to keep up with the sheer volume and complexity of modern cyberattacks. To counter these challenges, businesses need a proactive, AI-driven security solution that offers real-time threat detection, automated responses, and comprehensive security analytics. Seceon’s

The post aiSIEM-Cguard: Revolutionizing Cybersecurity with AI-Powered Threat Detection appeared first on Seceon Inc.

The post aiSIEM-Cguard: Revolutionizing Cybersecurity with AI-Powered Threat Detection appeared first on Security Boulevard.

Forescout Vedere Labs has uncovered 46 new vulnerabilities in solar power systems, primarily affecting inverters from three leading manufacturers Sungrow, Growatt, and SMA. These flaws, if exploited, could enable attackers to manipulate inverter settings, disrupt power grids, and compromise user privacy. The research highlights that 80% of vulnerabilities disclosed in solar systems over the past […]

The post 46 New Vulnerabilities in Solar Inverter Systems Allow Attackers to Tamper with Settings appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Bots Pyramid of Pain: a framework for effective bot defense.

Deep learning models, increasingly integral to safety-critical systems like self-driving cars and medical devices, are vulnerable to stealthy backdoor attacks. These attacks involve injecting hidden triggers into models, causing them to misbehave when triggered. Researchers from the Qatar Computing Research Institute and the Mohamed bin Zayed University of Artificial Intelligence have developed DeBackdoor, a novel […]

The post DeBackdoor: A Framework for Detecting Backdoor Attacks in Deep Learning Models appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in jdsofttech School Management System Plugin up to 2.2.16 on WordPress. It has been classified as critical. This affects the function wpsp_UpdateTeacher of the component Password Reset Handler. The manipulation leads to authorization bypass. This vulnerability is uniquely identified as CVE-2025-1667. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in quyle91 Administrator Z Plugin up to 2025.03.24 on WordPress. It has been classified as problematic. This affects the function adminz_import_backup. The manipulation leads to missing authorization. This vulnerability is uniquely identified as CVE-2025-2815. It is possible to initiate the attack remotely. There is no exploit available.