Thailand Ministry of Labour cyberattack has intensified as new revelations came which indicates that a planned data breach impacted the…
Security
Cyble’s Research and Intelligence Lab (CRIL) has analyzed a new quishing campaign that leverages QR codes embedded in PDF files…
Roblox has announced a new suite of safety and privacy updates aimed at teenagers, including an AI-driven age estimation system,…
Chinese Hackers Target Taiwan’s Semiconductor Sector with Cobalt Strike, Custom Backdoors
The Taiwanese semiconductor industry has become the target of spear-phishing campaigns undertaken by three Chinese state-sponsored threat actors.
“Targets of these campaigns ranged from organizations …
Read more
Published Date:
Jul 17, 2025 (22 hours, 32 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-3648
CVE-2025-6554
CVE-2024-3400
CVE-2023-20273
CVE-2023-20198
CVE-2018-0171
Devman Claims Cyberattack on Thailand Ministry of Labour, Demands $15M Ransom
A threat actor named Devman has claimed responsibility for a cyberattack on Thailand Ministry of Labour, compromising over 300 gigabytes of sensitive data and severely disrupting government operations …
Read more
Published Date:
Jul 17, 2025 (18 hours, 6 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-6043
CVE-2025-27522
CVE-2025-4389
Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner
Jul 17, 2025Ravie LakshmananCryptocurrency / Vulnerability
Cybersecurity researchers have discovered a new campaign that exploits a known security flaw impacting Apache HTTP Server to deliver a cryp …
Read more
Published Date:
Jul 17, 2025 (16 hours, 17 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-3648
CVE-2025-6554
CVE-2024-9474
CVE-2024-0012
CVE-2024-36401
CVE-2024-2012
CVE-2023-22527
CVE-2023-34960
CVE-2023-38646
CVE-2021-41773
CVE-2020-0688
CVE ID : CVE-2025-6391
Published : July 17, 2025, 10:15 p.m. | 3 hours, 7 minutes ago
Description : Brocade ASCG before 3.3.0 logs JSON
Web Tokens (JWT) in log files. An attacker with access to the log files
can withdraw the unencrypted tokens with security implications, such as
unauthorized access, session hijacking, and information disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-7762
Published : July 17, 2025, 10:15 p.m. | 4 hours, 14 minutes ago
Description : A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07.26A1. This issue affects some unknown processing of the file /menu_nat_more.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-7758
Published : July 17, 2025, 10:15 p.m. | 4 hours, 14 minutes ago
Description : A vulnerability, which was classified as critical, has been found in TOTOLINK T6 up to 4.1.5cu.748_B20211015. Affected by this issue is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-7397
Published : July 17, 2025, 10:15 p.m. | 3 hours, 7 minutes ago
Description : A vulnerability in the ascgshell, of
Brocade ASCG before 3.3.0 stores any command executed in the Command
Line Interface (CLI) in plain text within the command history. A local
authenticated user that can access sensitive information like passwords
within the CLI history leading to unauthorized access and potential data
breaches.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-7398
Published : July 17, 2025, 10:15 p.m. | 3 hours, 7 minutes ago
Description : Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on internal ports ports 9000 and 8036.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-7759
Published : July 17, 2025, 10:15 p.m. | 3 hours, 7 minutes ago
Description : A vulnerability, which was classified as critical, was found in thinkgem JeeSite up to 5.12.0. This affects an unknown part of the file modules/core/src/main/java/com/jeesite/common/ueditor/ActionEnter.java of the component UEditor Image Grabber. The manipulation of the argument Source leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 1c5e49b0818037452148e0f8ff69ed04cb8fefdc. It is recommended to apply a patch to fix this issue.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-7764
Published : July 17, 2025, 11:15 p.m. | 2 hours, 7 minutes ago
Description : A vulnerability classified as critical has been found in code-projects Online Appointment Booking System 1.0. Affected is an unknown function of the file /admin/deletedoctorclinic.php. The manipulation of the argument clinic leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-7763
Published : July 17, 2025, 11:15 p.m. | 2 hours, 7 minutes ago
Description : A vulnerability, which was classified as problematic, was found in thinkgem JeeSite up to 5.12.0. Affected is an unknown function of the component Site Controller/SSO. The manipulation leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 3d06b8d009d0267f0255acc87ea19d29d07cedc3. It is recommended to apply a patch to fix this issue. Multiple endpoints are affected.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-6185
Published : July 18, 2025, 12:15 a.m. | 1 hour, 7 minutes ago
Description : Leviton AcquiSuite and Energy Monitoring Hub
are susceptible to a cross-site scripting vulnerability, allowing
an attacker to craft a malicious payload in URL parameters, which would
execute in a client browser when accessed by a user, steal session
tokens, and control the service.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-7765
Published : July 17, 2025, 11:15 p.m. | 2 hours, 7 minutes ago
Description : A vulnerability classified as critical was found in code-projects Online Appointment Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/addmanagerclinic.php. The manipulation of the argument clinic leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Citrix Bleed 2 exploited weeks before PoCs as Citrix denied attacks
A critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed “CitrixBleed 2,” was actively exploited nearly two weeks before proof-of-concept (PoC) exploits were made public, despite …
Read more
Published Date:
Jul 17, 2025 (2 hours, 49 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-6543
CVE-2025-5777
CVE ID : CVE-2024-13972
Published : July 17, 2025, 7:15 p.m. | 1 hour, 29 minutes ago
Description : A vulnerability related to registry permissions in the Intercept X for Windows updater prior to version 2024.3.2 can lead to a local user gaining SYSTEM level privileges during a product upgrade.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2024-42209
Published : July 17, 2025, 8:15 p.m. | 2 hours, 13 minutes ago
Description : HCL Connections is vulnerable to an information disclosure vulnerability that could allow a user to obtain sensitive information they are not entitled to, which is caused by improper handling of request data.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-23267
Published : July 17, 2025, 8:15 p.m. | 29 minutes ago
Description : NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of service.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…