Spammers abuse Zendesk to flood inboxes with legitimate-looking emails, but why?

Short answer: we have no idea. People are actively complaining that their mailboxes and queues are being flooded by emails coming from the Zendesk instances of trusted companies like Discord, Riot Games, Dropbox, and many others. Zendesk is a customer service and support software platform that...

WhisperPair exposes Bluetooth earbuds and headphones to tracking and eavesdropping

WhisperPair is a set of attacks that lets an attacker hijack many popular Bluetooth audio accessories that use Google Fast Pair and, in some cases, even track their location via Google’s Find Hub network—all without requiring any user interaction. Researchers at the Belgian University of Leuven...

Hacker Behind Wired.com Leak Now Selling Full 40M Condé Nast Records

A hacker claims to be selling nearly 40 million Condé Nast user records after leaking Wired.com data, with multiple major brands allegedly affected...

WordPress Premmerce Brands for WooCommerce plugin <= 1.2.13 - Missing Authorization To Authenticated (Subscriber+) Brand Permalink Settings Update vulnerability

Missing Authorization To Authenticated Subscriber+ Brand Permalink Settings Update vulnerability discovered by WordFence in WordPress Plugin Premmerce Brands for WooCommerce versions = 1.2.13...

WordPress Brands for WooCommerce Plugin SQL Injection Vulnerability

WordPress Brands for WooCommerce Plugin is a category of plugins for WordPress websites that specialize in helping WooCommerce online stores manage product brands. WordPress Brands for WooCommerce Plugin suffers from a SQL injection vulnerability that stems from the application's lack of validati...

CVE-2025-66723

CVE-2025-66723 affects inMusic Brands Engine DJ; the vulnerability stems from insecure permissions in the Remote Library’s exposed HTTP service, allowing an attacker to access all files and network paths. Impact is described for Engine DJ versions 4.3.0 and earlier up to 4.3.4-prepared fixes; the...

WordPress Brands for WooCommerce plugin <= 3.8.6.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Brands for WooCommerce versions = 3.8.6.3...

CVE-2025-68519

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BeRocket Brands for WooCommerce brands-for-woocommerce allows Blind SQL Injection.This issue affects Brands for WooCommerce: from n/a through = 3.8.6.3...

EUVD-2025-205200

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BeRocket Brands for WooCommerce brands-for-woocommerce allows Blind SQL Injection.This issue affects Brands for WooCommerce: from n/a through = 3.8.6.3...

CVE-2025-68519

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BeRocket Brands for WooCommerce brands-for-woocommerce allows Blind SQL Injection.This issue affects Brands for WooCommerce: from n/a through = 3.8.6.3...

CVE-2025-68519 WordPress Brands for WooCommerce plugin <= 3.8.6.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BeRocket Brands for WooCommerce brands-for-woocommerce allows Blind SQL Injection.This issue affects Brands for WooCommerce: from n/a through = 3.8.6.3...

CVE-2025-68519 WordPress Brands for WooCommerce plugin <= 3.8.6.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BeRocket Brands for WooCommerce brands-for-woocommerce allows Blind SQL Injection.This issue affects Brands for WooCommerce: from n/a through = 3.8.6.3...

CVE-2025-68519

BeRocket/Bear Brands for WooCommerce plugin (WordPress Brands for WooCommerce) contains a SQL Injection vulnerability due to improper neutralization of special elements in SQL statements. Affected versions are Brands for WooCommerce up to 3.8.6.3. The issue enables Blind SQL Injection. Remediatio...

WordPress plugin Brands for WooCommerce 安全漏洞

WordPress Brands for WooCommerce Plugin is a category of plugins for WordPress websites that specialize in helping WooCommerce online stores manage product brands. WordPress Brands for WooCommerce Plugin suffers from a SQL injection vulnerability that stems from the application's lack of validati...

CVE-2025-12783

The Premmerce Brands for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveBrandsSettings function in all versions up to, and including, 1.2.13. This makes it possible for authenticated attackers, with Subscriber-level...

EUVD-2025-202993

The Premmerce Brands for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveBrandsSettings function in all versions up to, and including, 1.2.13. This makes it possible for authenticated attackers, with Subscriber-level...

CVE-2025-12783

CVE-2025-12783 affects the Premmerce Brands for WooCommerce WordPress plugin (impact on brand permalink settings). Public details indicate a missing capability check in the saveBrandsSettings function, affecting all versions up to 1.2.13. This enables authenticated users with Subscriber-level acc...

CVE-2025-12783 Premmerce Brands for WooCommerce <= 1.2.13 - Missing Authorization To Authenticated (Subscriber+) Brand Permalink Settings Update

The Premmerce Brands for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveBrandsSettings function in all versions up to, and including, 1.2.13. This makes it possible for authenticated attackers, with Subscriber-level...

CVE-2025-12783 Premmerce Brands for WooCommerce <= 1.2.13 - Missing Authorization To Authenticated (Subscriber+) Brand Permalink Settings Update

The Premmerce Brands for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveBrandsSettings function in all versions up to, and including, 1.2.13. This makes it possible for authenticated attackers, with Subscriber-level...

WordPress plugin Premmerce Brands for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...