Microsoft Trust Signing service abused to code-sign malware
Cybercriminals are abusing Microsoft's Trusted Signing platform to code-sign malware...
U.S. Treasury Lifts Tornado Cash Sanctions Amid North Korea Money Laundering Probe
The U.S. Treasury Department has announced that it's removing sanctions against Tornado...
Coinbase was primary target of recent GitHub Actions breaches
Researchers have determined that Coinbase was the primary target in a recent GitHub Actions...
Oracle denies breach after hacker claims theft of 6 million data records
Oracle denies it was breached after a threat actor claimed to be selling 6 million data records...
Friday Squid Blogging: A New Explanation of Squid Camouflage
New research: An associate professor of chemistry and chemical biology at Northeastern...
My Writings Are in the LibGen AI Training Corpus
The Atlantic has a search tool that allows you to search for specific works in the “LibGen”...
Fake Semrush ads used to steal SEO professionals’ Google accounts
A new phishing campaign is targeting SEO professionals with malicious Semrush Google Ads that...
Vulnerabilities by Risk level (Last 12 months)
Vulnerabilities by Vendor (Last 12 months)
Latest Vulnerabilities
-
CVE-2025-2628
6.3A vulnerability, which was classified as critical, was found in PHPGurukul Art Gallery Management System 1.1. Affected is an unknown function of the file /art-enquiry.php. The manipulation of the...
-
CVE-2025-2626
6.3A vulnerability classified as critical was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. This vulnerability affects unknown code of the file edit_case.php. The...
-
CVE-2025-2627
6.3A vulnerability, which was classified as critical, has been found in PHPGurukul Art Gallery Management System 1.0. This issue affects some unknown processing of the file /admin/contactus.php. The...
-
CVE-2025-2625
6.3A vulnerability classified as critical has been found in westboy CicadasCMS 1.0. This affects an unknown part of the file /system/cms/content/page. The manipulation of the argument...
-
CVE-2025-2624
6.3A vulnerability was found in westboy CicadasCMS 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /system/cms/content/save. The manipulation of...
Latest Critical Vulnerabilities
-
CVE-2025-2621
9.8A vulnerability was found in D-Link DAP-1620 1.03 and classified as critical. This issue affects the function check_dws_cookie of the file /storage. The manipulation of the argument uid leads to...
-
CVE-2025-2620
9.8A vulnerability has been found in D-Link DAP-1620 1.03 and classified as critical. This vulnerability affects the function mod_graph_auth_uri_handler of the file /storage of the component...
-
CVE-2025-2618
9.8A vulnerability, which was classified as critical, has been found in D-Link DAP-1620 1.03. Affected by this issue is the function set_ws_action of the file /dws/api/ of the component Path Handler....
-
CVE-2025-2619
9.8A vulnerability, which was classified as critical, was found in D-Link DAP-1620 1.03. This affects the function check_dws_cookie of the file /storage of the component Cookie Handler. The...
-
CVE-2025-29814
9.3Improper authorization in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network.
-
CVE-2024-12016
9.8Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CM Informatics CM News allows SQL Injection.This issue affects CM News: through 6.0. NOTE: The...
-
CVE-2025-2505
9.8The Age Gate plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 3.5.3 via the 'lang' parameter. This makes it possible for unauthenticated...
-
CVE-2024-13442
9.8The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.0. This is due to the plugin not properly...