CVE-2025-31654
An attacker can get information about the groups of smart home devices (i.e., "rooms") belonging to arbitrary users...
CVE-2025-31654 Growatt Cloud portal Authorization Bypass Through User-Controlled Key
An attacker can get information about the groups of smart home devices (i.e., "rooms") belonging to arbitrary users...
Improved MST3 Encryption Scheme Based on Small Ree Groups
This article presents an encryption scheme based on the small Ree groups. We propose utilizing the small Ree group structure to enhance the overall security parameters of the encryption scheme. By extending the logarithmic signature to encompass the entire group and modifying the encryption...
RHEL 6 : openstack-nova (RHSA-2014:0366)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0366 advisory. OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform...
RHEL 7 : openstack-neutron (RHSA-2017:2451)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:2451 advisory. OpenStack Networking (neutron) is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main functi...
The Most Dangerous Hackers You’ve Never Heard Of
From crypto kingpins to sophisticated scammers, these are the lesser-known hacking groups that should be on your radar...
Moodle 4.2.x < 4.2.1 XSS Risk on groups page
According to its self-reported version, the Moodle install hosted on the remote host is 3.11.x prior to 3.11.15, 4.0.x prior to 4.0.9, 4.1.x prior to 4.1.4 or 4.2.x prior to 4.2.1. It is, therefore, affected by a cross-site scripting vulnerability in content on the groups page. Note that the scanner has not...
Moodle 4.3.x < 4.3.10 Multiple Vulnerabilities
According to its self-reported version, the Moodle install hosted on the remote host is prior to 4.1.16 or 4.3.x prior to 4.3.10 or 4.4.x prior to 4.4.6 or 4.5.x prior to 4.5.2. It is, therefore, affected by multiple vulnerabilities. - An SQL injection risk was identified in the module list filte...
Moodle 3.11.x < 3.11.15 XSS Risk on groups page
According to its self-reported version, the Moodle install hosted on the remote host is 3.11.x prior to 3.11.15, 4.0.x prior to 4.0.9, 4.1.x prior to 4.1.4 or 4.2.x prior to 4.2.1. It is, therefore, affected by a cross-site scripting vulnerability in content on the groups page. Note that the scanner has not...
Moodle 4.0.x < 4.0.9 XSS Risk on groups page
According to its self-reported version, the Moodle install hosted on the remote host is 3.11.x prior to 3.11.15, 4.0.x prior to 4.0.9, 4.1.x prior to 4.1.4 or 4.2.x prior to 4.2.1. It is, therefore, affected by a cross-site scripting vulnerability in content on the groups page. Note that the scanner has not...
2025 Ransomware: Business as Usual, Business is Booming
Getting an edge on your adversaries involves understanding their behaviors and their mindset. Rapid7 Labs took a look at internal and publicly available ransomware data for Q1 2025 and added our own insights to provide a picture of the year thus far—and what you can do now to reduce your attack...
Year in Review: In conversation with the report's authors
🎥 Talos Year in Review 2024: Part 1 & 2 - Watch Now! Another year, another mountain of malicious telemetry to sift through. I spoke with a few of Talos' Year in Review authors, freshly out of the sandbox, to discuss the hows and whys of our biggest findings. 👉 Part 1: The major theme of 2024, t...
A Rebirth of a Cursed Existence? Examining ‘Babuk Locker 2.0’ Ransomware
Co-authored by Yaniv Allender and Anna Sirokova Introduction Ransomware remains a major threat, causing significant disruption and financial losses to organizations across various sectors. Cybercriminal groups behind these attacks constantly adapt their methods to maximize damage and profit. At...
CVE-2024-42325 Excessive information returned by user.get
The Zabbix API method user.get returns all users that share a common group with the calling user. This includes media and other information, such as login attempts, etc...
CVE-2024-42325
The Zabbix API method user.get returns all users that share a common group with the calling user. This includes media and other information, such as login attempts, etc...
CVE-2025-2242 Incorrect Authorization in GitLab
An improper access control vulnerability in GitLab CE/EE affecting all versions from 17.4 prior to 17.8.6, 17.9 prior to 17.9.3, and 17.10 prior to 17.10.1 allows a user who was an instance admin before but has since been downgraded to a regular user to continue to maintain elevated privileges to...
WeGIA SQL Injection Vulnerability
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A security vulnerability exists in WeGIA versions prior to 3.2.6 that stems from an SQL injection in the nextPage parameter...
Researchers Uncover ~200 Unique C2 Domains Linked to Raspberry Robin Access Broker
A new investigation has unearthed nearly 200 unique command-and-control (C2) domains associated with a malware called Raspberry Robin. "Raspberry Robin, also known as Roshtyak or Storm-0856, is a complex and evolving threat actor that provides initial access broker (IAB) services to numerous criminal...