Deepfake sextortion forces schools to remove student photos from websites

Schools love a good photo, whether it's from a trip to a castle, a science prize ceremony, or sports day shot from three angles. For two decades, celebratory images like these have gone straight onto school websites, captioned with a name and a grade. But those days are gone, because it's the...

CVE-2026-26829

creationtimestamp| type| source ---|---|--- 2026-03-23 16:16:48+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-26829...

Ransomware and Artificial Intelligence: A Comprehensive Systematic Review of Reviews

This study provides a comprehensive synthesis of Artificial Intelligence AI, especially Machine Learning ML and Deep Learning DL, in ransomware defense. Using a "review of reviews" methodology based on PRISMA, this paper gathers insights on how AI is transforming ransomware detection, prevention,...

CVE-2026-25041

creationtimestamp| type| source ---|---|--- 2026-03-09 19:16:07+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-25041...

CVE-2026-3785

creationtimestamp| type| source ---|---|--- 2026-03-08 22:15:50+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-3785...

Predicting Tail-Risk Escalation in IDS Alert Time Series

Network defenders face a steady stream of attacks, observed as raw Intrusion Detection System IDS alerts. The sheer volume of alerts demands prioritization, typically based on high-level risk classifications. This work expands the scope of risk measurement by examining alerts not only through the...

Understanding Malware Propagation Dynamics through Scientific Machine Learning

Accurately modeling malware propagation is essential for designing effective cybersecurity defenses, particularly against adaptive threats that evolve in real time. While traditional epidemiological models and recent neural approaches offer useful foundations, they often fail to fully capture the...

Becoming Ransomware Ready: Why Continuous Validation Is Your Best Defense

Ransomware doesn't hit all at once—it slowly floods your defenses in stages. Like a ship subsumed with water, the attack starts quietly, below the surface, with subtle warning signs that are easy to miss. By the time encryption starts, it's too late to stop the flood. Each stage of a ransomware...

Cleartext transmission issue in TONE store App to TONE store

Overview TONE store App provided by DREAM TRAIN INTERNET INC. contains a cleartext transmission issue to TONE store website CWE-419. Kodai Karakawa reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A...

Adversaries are leveraging remote access tools now more than ever — here’s how to stop them

Remote system management/desktop access tools such as AnyDesk and TeamViewer have grown in popularity since 2020. While there are many legitimate uses for this software, adversaries are also finding ways to use them for command and control in their campaigns. There is no easy way to effectively...

CVE-2023-5827

A vulnerability was found in Shanghai CTI Navigation CTI Monitoring and Early Warning System 2.2. It has been classified as critical. This affects an unknown part of the file /Web/SysManage/UserEdit.aspx. The manipulation of the argument ID leads to sql injection. The exploit has been disclosed t...

CVE-2023-5827

CVE-2023-5827 affects Shanghai CTI Navigation CTI Monitoring and Early Warning System 2.2. The vulnerability is in the file /Web/SysManage/UserEdit.aspx, where manipulating the ID parameter leads to a SQL injection. Several connected sources corroborate a critical impact with public disclosure of...

CVE-2023-5827 Shanghai CTI Navigation CTI Monitoring and Early Warning System UserEdit.aspx sql injection

A vulnerability was found in Shanghai CTI Navigation CTI Monitoring and Early Warning System 2.2. It has been classified as critical. This affects an unknown part of the file /Web/SysManage/UserEdit.aspx. The manipulation of the argument ID leads to sql injection. The exploit has been disclosed t...

Design/Logic Flaw

A vulnerability, which was classified as critical, was found in Gen Technology Four Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System up to 20230712. This affects an unknown part of the file /Duty/AjaxHandle/UploadFloodPlanFileUpdate.ashx. The manipulation of...

CVE-2023-3797

CVE-2023-3797 affects Gen Technology Four Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System up to 20230712. The vulnerability is in /Duty/AjaxHandle/UploadFloodPlanFileUpdate.ashx, where manipulating the Filedata parameter enables unrestricted file upload. Ex...

Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System 代码问题漏洞

Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System is a Mountain Flood Disaster Prevention Monitoring and Early Warning System from Suncreate. A code issue vulnerability exists in Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System...

Massive Targeted Exploit Campaign Against WooCommerce Payments Underway

The Wordfence Threat Intelligence team has been monitoring an ongoing exploit campaign targeting a recently disclosed vulnerability in WooCommerce Payments, a plugin installed on over 600,000 sites. Large-scale attacks against the vulnerability, assigned CVE-2023-28121, began on Thursday, July 14...

Out-of-bounds

A vulnerability classified as critical was found in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230706. This vulnerability affects unknown code of the file /Duty/AjaxHandle/Write/UploadFile.ashx of the component Duty Write-UploadFile. The manipulation ...

CVE-2023-3626

CVE-2023-3626 affects Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230706. The issue resides in the UpLoadFloodPlanFile.ashx handler (UpLoadFloodPlanFile component) where manipulation of the Filedata argument allows unrestricted file upload. Exploitatio...

CVE-2023-3626 Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System UpLoadFloodPlanFile UpLoadFloodPlanFile.ashx unrestricted upload

A vulnerability, which was classified as critical, has been found in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230706. This issue affects some unknown processing of the file /Duty/AjaxHandle/UpLoadFloodPlanFile.ashx of the component...