EUVD-2025-74042

A malicious ACAP application can gain access to admin-level service account credentials used by legitimate ACAP applications, leading to potential privilege escalation of the malicious ACAP application. This vulnerability can only be exploited if the Axis device is configured to allow the...

CVE-2025-5454

An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker...

PT-2025-46303

Name of the Vulnerable Software and Affected Versions Axis affected versions not specified Description An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This issue is exploitable if the Axis device is configured to allow the installatio...

Fantasy Hub is spyware for rent—complete with fake app kits and support

Researchers at Zimperium identified Fantasy Hub, a new Android spyware developed and sold as a subscription on Russian-language cybercrime forums. Malware-as-a-Service MaaS means cybercriminals rent out to malware to other criminals, complete with the infrastructure necessary to harvest and abuse...

CVE-2025-64496

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Versions 0.6.224 and prior contain a code injection vulnerability in the Direct Connections feature that allows malicious external model servers to execute arbitrary JavaScript in victim browsers vi...

Inside LockBit: Technical, Behavioral, and Financial Anatomy of a Ransomware Empire

LockBit has evolved from an obscure Ransomware-as-a-Service newcomer in 2019 to the most prolific ransomware franchise of 2024. Leveraging a recently leaked MySQL dump of the gang's management panel, this study offers an end-to-end reconstruction of LockBit's technical, behavioral, and financial...

CVE-2025-11980

The Quick Featured Images plugin for WordPress is vulnerable to SQL Injection via the 'deleteorphaned' function in all versions up to, and including, 13.7.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

GHSA-CM35-V4VP-5XVX Open WebUI Affected by an External Model Server (Direct Connections) Code Injection via SSE Events

Summary Open WebUI v0.6.33 and below contains a code injection vulnerability in the Direct Connections feature that allows malicious external model servers to execute arbitrary JavaScript in victim browsers via Server-Sent Event SSE execute events. This leads to authentication token theft, comple...

CVE-2025-12815

An ownership verification issue in the Virtual Desktop preview page in the Research and Engineering Studio RES on AWS before version 2025.09 may allow an authenticated remote user to view another user's active desktop session metadata, including periodical desktop preview screenshots. To mitigate...

Security Bulletin: IBM Engineering Test Management bundles IBM WebSphere Application Server which could provide weaker than expected security.

Summary IBM WebSphere Application Server shipped with IBM Engineering Test Management could provide weaker than expected security for TLS connections CVE-2025-33142. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affect...

EUVD-2025-38104

Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation.This issue affects Selling Commander for WooCommerce: from n/a through = 1.2.46...

EUVD-2025-38148

An ownership verification issue in the Virtual Desktop preview page in the Research and Engineering Studio RES on AWS before version 2025.09 may allow an authenticated remote user to view another user's active desktop session metadata, including periodical desktop preview screenshots. To mitigate...

CVE-2025-12815

Summary of CVE-2025-12815 (AWS RES) : An ownership verification issue exists in the Virtual Desktop preview page of the Research and Engineering Studio (RES) on AWS, affecting versions prior to 2025.09. A remote user with network access may be able to view metadata from another user’s active desk...

CVE-2025-60243

Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation.This issue affects Selling Commander for WooCommerce: from n/a through = 1.2.46...

PT-2025-45284

Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation.This issue affects Selling Commander for WooCommerce: from n/a through = 1.2.46...

Black-Box Guardrail Reverse-Engineering Attack

Large language models LLMs increasingly employ guardrails to enforce ethical, legal, and application-specific constraints on their outputs. While effective at mitigating harmful responses, these guardrails introduce a new class of vulnerabilities by exposing observable decision patterns. In this...

HCL BigFix Query 安全漏洞

HCL BigFix Query is a module for querying and collecting system status data in real-time from HCL India. A security vulnerability exists in HCL BigFix Query that stems from an HTTP GET endpoint request in the WebUI Query application returning a discoverable response that could disclose the group...

Cybercriminals Targeting Payroll Sites

Microsoft is warning of a scam involving online payroll systems. Criminals use social engineering to steal people's credentials, and then divert direct deposits into accounts that they control. Sometimes they do other things to make it harder for the victim to realize what is happening. I feel li...

EUVD-2025-37230

This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation if a system administrator is tricked into restoring a malicious file...

Dynamic binary instrumentation (DBI) with DynamoRio

This blog introduces dynamic binary instrumentation DBI and guides you through building your own DBI tool with the open-source DynamoRIO framework on Windows 11. DBI enables powerful runtime analysis and modification of binaries critical for malware analysis, security auditing, reverse engineerin...