![]() |
Description: The U.S. government wants to confiscate millions of dollars in funds tied to illegal employment of North Korean IT workers at American companies.
June 6th, 2025 (about 1 month ago)
|
![]() |
Description: The new PathWiper, spotted in an attack on Ukrainian critical infrastructure, has similarities to wiper malware previously deployed by the Russian group known as Sandworm.
June 6th, 2025 (about 1 month ago)
|
![]() |
June 6th, 2025 (about 1 month ago)
|
CVE-2025-5757 |
Description: A vulnerability was found in code-projects Traffic Offense Reporting System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /save-reported.php. The manipulation of the argument offence_id/vehicle_no/driver_license/name/address/gender/officer_reporting/offence leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Eine problematische Schwachstelle wurde in code-projects Traffic Offense Reporting System 1.0 ausgemacht. Davon betroffen ist unbekannter Code der Datei /save-reported.php. Dank der Manipulation des Arguments offence_id/vehicle_no/driver_license/name/address/gender/officer_reporting/offence mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
CVSS: LOW (3.5) EPSS Score: 0.03%
June 6th, 2025 (about 1 month ago)
|
CVE-2025-5756 |
Description: A vulnerability was found in code-projects Real Estate Property Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /Admin/EditCity.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. In code-projects Real Estate Property Management System 1.0 wurde eine kritische Schwachstelle ausgemacht. Hierbei betrifft es unbekannten Programmcode der Datei /Admin/EditCity.php. Durch Beeinflussen mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (6.9) EPSS Score: 0.04%
June 6th, 2025 (about 1 month ago)
|
![]() |
Description: Mass layoffs create cybersecurity vulnerabilities through dormant accounts and disgruntled employees.
June 6th, 2025 (about 1 month ago)
|
![]() |
Description: Cybersecurity involves both playing the good guy and the bad guy. Diving deep into advanced technologies and yet also going rogue in the Dark Web. Defining technical policies and also profiling attacker behavior. Security teams cannot be focused on just ticking boxes, they need to inhabit the attacker’s mindset.
This is where AEV comes in.
AEV (Adversarial Exposure Validation) is an advanced
June 6th, 2025 (about 1 month ago)
|
CVE-2025-5755 |
Description: A vulnerability was found in SourceCodester Open Source Clinic Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /email_config.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Es wurde eine kritische Schwachstelle in SourceCodester Open Source Clinic Management System 1.0 ausgemacht. Dabei betrifft es einen unbekannter Codeteil der Datei /email_config.php. Durch das Beeinflussen des Arguments email mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (6.9) EPSS Score: 0.03%
June 6th, 2025 (about 1 month ago)
|
CVE-2025-5192 |
Description: A missing authentication for critical function vulnerability in the client application of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to bypass authentication and access application functions.
CVSS: CRITICAL (9.3) EPSS Score: 0.25%
June 6th, 2025 (about 1 month ago)
|
CVE-2025-48784 |
Description: A missing authorization vulnerability in Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to modify system settings without prior authorization.
CVSS: HIGH (8.8) EPSS Score: 0.19%
June 6th, 2025 (about 1 month ago)
|