CVE-2026-35075

An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices...

EUVD-2024-55038

HCL Traveler for Microsoft Outlook HTMO is susceptible to a credential leakage which could allow an attacker to access other computers or applications...

EUVD-2006-4936

Malware in sbrugna...

CVE-2025-27212

An Improper Input Validation in certain UniFi Access devices could allow a Command Injection by a malicious actor with access to UniFi Access management network. Affected Products: UniFi Access Reader Pro Version 2.14.21 and earlier UniFi Access G2 Reader Pro Version 1.10.32 and earlier UniFi...

Chinese Firms Linked to Silk Typhoon Filed 15+ Patents for Cyber Espionage Tools

Chinese companies linked to the state-sponsored hacking group known as Silk Typhoon aka Hafnium have been identified as behind over a dozen technology patents, shedding light on the shadowy cyber contracting ecosystem and its offensive capabilities. The patents cover forensics and intrusion tools...

PT-2025-30007 · Ubiquiti · Unifi Access +1

Name of the Vulnerable Software and Affected Versions: UniFi Access Reader Pro versions 2.14.21 and earlier UniFi Access G2 Reader Pro versions 1.10.32 and earlier UniFi Access G3 Reader Pro versions 1.10.30 and earlier UniFi Access Intercom versions 1.7.28 and earlier UniFi Access G3 Intercom...

FBI Seizes BreachForums Website

The FBI has seized the BreachForums website, used by ransomware criminals to leak stolen corporate data. If law enforcement has gained access to the hacking forums backend data, as they claim, they would have email addresses, IP addresses, and private messages that could expose members and be use...

Pompompurin Unmasked: Infamous BreachForums Mastermind Arrested in New York

U.S. law enforcement authorities have arrested a 21-year-old New York man in connection with running the infamous BreachForums hacking forum under the online alias "Pompompurin." The development, first reported by Bloomberg Law, comes after News 12 Westchester, earlier this week, said that federa...

Authorities Shut Down WT1SHOP Site for Selling Stolen Credentials and Credit Cards

An international law enforcement operation has resulted in the dismantling of WT1SHOP, an online criminal marketplace that specialized in the sales of stolen login credentials and other personal information. The seizure was orchestrated by Portuguese authorities, with the U.S. officials taking...

23-Year-Old Russian Hacker Wanted by FBI for Running Marketplace of Stolen Logins

A 23-year-old Russian national has been indicted in the U.S. and added to the Federal Bureau of Investigation's FBI Cyber Most Wanted List for his alleged role as the administrator of Marketplace A, a cyber crime forum that sold stolen login credentials, personal information, and credit card data...

Fortinet FortiWeb 信息泄露漏洞

American Fita Fortinet was founded in October 2000, is committed to chip design, network communication speed, security and defense. A security vulnerability exists in Fortinet fortiweb, which can be exploited by an attacker to read the password used by the FortiWeb scanner to access devices defin...

$100M Botnet Scheme Lands Cybercriminal 8 Years in Jail

Authorities have sentenced a hacker to eight years in prison for trafficking stolen personally identifiable information PII and online banking credentials resulting in losses totaling over $100 million. Aleksandr Brovko, 36, formerly of the Czech Republic, pleaded guilty in February to conspiracy...

Operational Technology Networks or OT

Operational Technology Networks or OT Notes: It’s mixing up OT with maritime, so probably isn’t suitable as is. The first section is really good, very relevant. We can use all of that. Once we get in to NMEA data, then it goes off topic. I suggest: Network equipment such as the Scalance Then a...

D-Link DSL-2640B DNS Change Vulnerability

The D-Link DSL-2640B is a router device. A security vulnerability exists in the D-Link DSL-2640B. The vulnerability exists in the web interface and can be exploited by an attacker to access sites and devices on vulnerable systems, redirecting to a malicious site...

Clickjacking Vulnerability in HP Diagnostics

HP Diagnostics is a suite of end-to-end application management, monitoring, diagnostic analysis and troubleshooting solutions from Hewlett-Packard. A clickjacking vulnerability exists in HP Diagnostics. An attacker could exploit this vulnerability to steal cookie-based authentication credentials...

Russian Hacker Behind LinkedIn Breach also Charged with Hacking Dropbox and Formspring

The alleged Russian hacker, who was arrested by the FBI in collaboration with the Czech police, was believed to be the one responsible for massive 2012 data breach at LinkedIn, according to a statement released by LinkedIn. Now, United States authorities have officially indicted Yevgeniy...

IP Power 9258+ Authentication Bypass

| | | | | | | | \ | | | \ | | | \ | | | | | | | | | | | / | / | |,|||/ |,|||,| | \ \ \ | | \ | | | | / / ./ ,||| | |Teach, Learn, Party|Teach, Learn, Party|Teach, Learn, Party| irc.efnet.net unallocatedspace --=+Multiple Remote Exploits in IP Power 9258+=-- by Crypt0s IP Power is a...