CVE-2025-65010 Missing authorizations for admin panel password change in WODESYS WD-R608U router

WODESYS WD-R608U router also known as WDR122B V2.0 and WDR28 is vulnerable to Broken Access Control in initial configuration wizard.cgi endpoint. Malicious attacker can change admin panel password without authorization. The vulnerability can also be exploited after the initial configuration has...

CVE-2025-65010

CVE-2025-65010 (WODESYS WD-R608U router / WDR122B V2.0 / WDR28) is documented with concrete details: multiple Red Hat and NVD entries describe vulnerabilities tied to the WD-R608U platform. Affected issues include Broken Access Control in the initial configuration wizard.cgi endpoint, where an at...

PT-2025-52249

WODESYS WD-R608U router also known as WDR122B V2.0 and WDR28 is vulnerable to Broken Access Control in initial configuration wizard.cgi endpoint. Malicious attacker can change admin panel password without authorization. The vulnerability can also be exploited after the initial configuration has...

Bounty Hunter: Autonomous, Comprehensive Emulation of Multi-Faceted Adversaries

Adversary emulation is an essential procedure for cybersecurity assessments such as evaluating an organization's security posture or facilitating structured training and research in dedicated environments. To allow for systematic and time-efficient assessments, several approaches from academia an...

Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading

The threat actor known as Storm-0249 is likely shifting from its role as an initial access broker to adopt a combination of more advanced tactics like domain spoofing, DLL side-loading, and fileless PowerShell execution to facilitate ransomware attacks. "These methods allow them to bypass defense...

Important: Red Hat Security Advisory: Insights proxy Container Image

Initial GA Release of Red Hat Insights proxy The Insights proxy Container is used by the Insights proxy product RPM and serves as an intermediary between cystomer systems in disconnected networks, air-gapped systems or systems with no outside connections and Insights. The Insights proxy routes al...

ValleyRAT Campaign Targets Job Seekers, Abuses Foxit PDF Reader for DLL Side-loading

Job seekers looking out for opportunities might instead find their personal devices compromised, as a ValleyRAT campaign propagated through email leverages Foxit PDF Reader for concealment and DLL side-loading for initial entry...

RomCom Uses SocGholish Fake Update Attacks to Deliver Mythic Agent Malware

The threat actors behind a malware family known as RomCom targeted a U.S.-based civil engineering company via a JavaScript loader dubbed SocGholish to deliver the Mythic Agent. "This is the first time that a RomCom payload has been observed being distributed by SocGholish," Arctic Wolf Labs...

Malicious code in initial-path (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9bdfbaf17e5ea42f67e6327f5dfe8766f8a5f8d83fb4b390fc8d780da5555187 The package initial-path was found to contain malicious code. Source: ghsa-malware 014c829694ccb06463ad706603727d070cbf38be1e103200b54c1235ccc82611 A...

MAL-2025-191463 Malicious code in initial-path (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9bdfbaf17e5ea42f67e6327f5dfe8766f8a5f8d83fb4b390fc8d780da5555187 The package initial-path was found to contain malicious code. Source: ghsa-malware 014c829694ccb06463ad706603727d070cbf38be1e103200b54c1235ccc82611 A...

EUVD-2025-199594

Malicious code in initial-path npm...

Malicious Package

Overview initial-path is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

📄 Citrix Bleed 2 PHP Mass Scanner

This is a high-speed mass-scanner written in PHP designed to test for data leakage through the CitrixBleed2 InitialValue extraction issue. The tool reproduces the functionality of the original Bash/Parallel scanner but works in restricted PHP environments...

ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access

A recently patched security flaw in Microsoft Windows Server Update Services WSUS has been exploited by threat actors to distribute a malware known as ShadowPad. "The attacker targeted Windows Servers with WSUS enabled, exploiting CVE-2025-59287 for initial access," AhnLab Security Intelligence...

PT-2025-47681

The Cryptocurrency Token, Launchpad Presale, ICO & IDO, Airdrop by TokenICO plugin for WordPress is vulnerable to unauthenticated and unauthorized modification of data due to missing authentication and capability checks on the 'createSaleRecord' function in all versions up to, and including, 2.4....

github.com/quic-go/quic-go: quic-go Crash Due to Premature HANDSHAKE_DONE Frame

A denial of service flaw has been discovered in the quic-go golang library. A misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authentication and can be exploited during...

github.com/quic-go/quic-go: quic-go Crash Due to Premature HANDSHAKE_DONE Frame

A denial of service flaw has been discovered in the quic-go golang library. A misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authentication and can be exploited during...

The State of Security Today: Setting the Stage for 2026

As we close out 2025, one thing is clear: the security landscape is evolving faster than most organizations can keep up. From surging ransomware campaigns and AI-enhanced phishing to data extortion, geopolitical fallout, and gaps in cyber readiness, the challenges facing security teams today are ...

Unverified Password Change

Overview flowise-ui is a Affected versions of this package are vulnerable to Unverified Password Change via the profile update process. An attacker can gain unauthorized access to user accounts by changing the email address associated with an account without additional verification steps. Note:...

Unverified Password Change

Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Unverified Password Change via the profile update process. An attacker can gain unauthorized access to user accounts by changing the email address associated with an account without additional verification...