95 matches found
Enhanced Security in Quantum Token Protocols Using Hybrid Spin-Photon Interfaces
Quantum token protocols enable unforgeable quantum tokens promising unconditional security beyond classical cryptographic assumptions. We show here that the three stages of the Quantum token protocols involving the preparation, storage and verification can be made more secure when involving...
CVE-2025-69391
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GT3themes Diamond diamond allows Reflected XSS. This issue affects Diamond: from n/a through <= 2.4.8...
CVE-2025-69391
CVE-2025-69391 corresponds to WordPress Diamond theme (GT3themes)
CVE-2025-69391 WordPress Diamond theme <= 2.4.8 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GT3themes Diamond diamond allows Reflected XSS. This issue affects Diamond: from n/a through <= 2.4.8...
WordPress plugin Diamond security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-21172
Name of the Vulnerable Software and Affected Versions: GT3themes Diamond versions through 2.4.8. Description: The software contains a flaw related to improper input handling during web page generation, specifically a Reflected Cross-site Scripting issue. This allows for the injection of malicious...
WordPress Diamond theme <= 2.4.8 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting (XSS) vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Diamond versions <= 2.4.8...
CVE-2018-19160
Diamond through 3.0.1.2 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk...
Sendit tricked kids, harvested their data, and faked messages, FTC claims
The Federal Trade Commission (FTC) has sued Sendit’s parent company, saying it signed up children under 13, collected their personal data, and misled them with fake messages and recurring bills. The lawsuit, filed against the app's owner Iconic Hearts Holdings Inc and CEO Hunter Rice, alleges the...
From Fitbit to financial despair: How one woman lost her life savings and more to a scammer
We hear so often about people falling for scams and losing money. But we often don’t find out the real details of what happened, and how one "like" can turn into a nightmare that controls someone’s life for many years. This is that story. Not too long ago, a scam victim named Karen reached out to...
Malicious code in diamond-clien (npm)
The package diamond-clien was found to contain malicious code...
MAL-2025-18433 Malicious code in diamond-clien (npm)
The package diamond-clien was found to contain malicious code...
A Special Diamond Is the Key to a Fully Open Source Quantum Sensor
Quantum sensors can be used in medical technologies, navigation systems, and more, but they’re too expensive for most people. That's where the Uncut Gem open source project comes in...
Defining a new methodology for modeling and tracking compartmentalized threats
In the evolving cyberthreat landscape, Cisco Talos is witnessing a significant shift towards compartmentalized attack kill chains, where distinct stages -- such as initial compromise and subsequent exploitation -- are executed by multiple threat actors. This trend complicates traditional threat...
Metasploit Weekly Wrap-Up
Customizable DNS resolution: Contributor smashery added a new dns command to Metasploit console, which allows the user to customize the behavior of DNS resolution. Similarly to the route command, it is now possible to specify where DNS requests should be sent to avoid any information leak. Before...
N. Korean Hackers Distribute Trojanized CyberLink Software in Supply Chain Attack
A North Korean state-sponsored threat actor tracked as Diamond Sleet is distributing a trojanized version of a legitimate application developed by a Taiwanese multimedia software developer called CyberLink to target downstream customers via a supply chain attack. "This malicious file is a...
Microsoft Warns of North Korean Attacks Exploiting JetBrains TeamCity Flaw
North Korean threat actors are actively exploiting a critical security flaw in JetBrains TeamCity to opportunistically breach vulnerable servers, according to Microsoft. The attacks, which entail the exploitation of CVE-2023-42793 (CVSS score: 9.8), have been attributed to Diamond Sleet aka Labyrin...
beachdiamondblades.com Cross Site Scripting vulnerability OBB-3365172
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...