🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2023-30186 ‼

A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-30187 ‼

An out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-30188 ‼

Memory Exhaustion vulnerability in ONLYOFFICE Document Server 4.0.3 through 7.3.2 allows remote attackers to cause a denial of service via crafted JavaScript file.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-37847 ‼

novel-plus v3.6.2 was discovered to contain a SQL injection vulnerability.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-37070 ‼

Code Projects Hospital Information System 1.0 is vulnerable to Cross Site Scripting (XSS)

📖 Read

via "National Vulnerability Database".
⚠ Crimeware server used by NetWalker ransomware seized and shut down ⚠

The site was running from 2014 and allegedly raked in more than $20m, which the DOJ is seeking to claw back...

📖 Read

via "Naked Security".
📢 Stealthy Kerberoasting attacks surge and lend support to latest ransomware trend 📢

Kerberoasting techniques could be emerging as a viable alternative to traditional ransomware attacks, experts have warned

📖 Read

via "ITPro".
🕴 Following Pushback, Zoom Says It Won't Use Customer Data to Train AI Models 🕴

Company's experience highlights the tightrope tech organizations walk when integrating AI into their products and services.

📖 Read

via "Dark Reading".
‼ CVE-2023-30749 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ihomefinder Optima Express + MarketBoost IDX Plugin plugin <= 7.3.0 versions.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-30483 ‼

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Watu Quiz plugin <= 3.3.9.2 versions.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-29097 ‼

Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in a3rev Software a3 Portfolio plugin <= 3.1.0 versions.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-30475 ‼

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Elliot Sowersby, RelyWP WooCommerce Affiliate Plugin – Coupon Affiliates plugin <= 5.4.5 versions.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-31041 ‼

An issue was discovered in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. System password information could optionally be stored in cleartext, which might lead to possible information disclosure.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-30754 ‼

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in AdFoxly AdFoxly – Ad Manager, AdSense Ads & Ads.Txt plugin <= 1.8.5 versions.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-30751 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in iControlWP Article Directory Redux plugin <= 1.0.2 versions.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-30752 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Silvia Pfeiffer and Andrew Nimmo External Videos plugin <= 2.0.1 versions.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-30477 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Essitco AFFILIATE Solution plugin <= 1.0 versions.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-28535 ‼

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Paytm Paytm Payment Donation plugin <= 2.2.0 versions.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-30489 ‼

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Email Subscription Popup plugin <= 1.2.16 versions.

📖 Read

via "National Vulnerability Database".
🕴 Health Data of 4M Stolen in Cl0p MOVEit Breach of Colorado Department 🕴

State's Department of Health Care Policy & Financing is the latest to acknowledge an attack by the Russian group's ongoing exploitation of third-party systems.

📖 Read

via "Dark Reading".
🛠 jSQL Injection 0.91 🛠

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

📖 Read

via "Packet Storm Security".