Google Uncovers LOSTKEYS Malware Used by Russian COLDRIVER for Cyber Espionage
In a concerning escalation of cyber-espionage activity, Google’s Threat Intelligence Group (GTIG) has revealed the emergence of a new malware tool named LOSTKEY … Published Date: May 08, 2025 Vulnerabilities have been mentioned in […]
CVE-2025-27533: Apache ActiveMQ Memory Allocation Bug Could Lead to Denial of Service
Published Date: May 08, 2025 Vulnerabilities have […]
CVE-2024-55651 – i-Educar Stored Cross-Site Scripting Vulnerability
The following table lists the changes that have been made to the CVE-2024-55651 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] May. 08, 2025 Action […]
LockBit ransomware gang hacked, victim negotiations exposed
The LockBit ransomware gang has suffered a data breach after its dark web affiliate panels were defaced and replaced with a message linking to a MySQL database dump. All of the ransomware gang’s admin … Published Date: May 08, 2025 Vulnerabilities have been […]
CVE-2025-46727 – Rack Denial of Service (DoS) Vulnerability
Rack is a modular Ruby web server interface. Prior to versions 2.2.14, 3.0.16, and 3.1.14, `Rack::QueryParser` parses query strings and `application/x-www-form-urlencoded` bodies into Ruby data structures without imposing any limit on the number of parameters, allowing attackers to send requests with extremely large numbers of parameters. The vulnerability arises because `Rack::QueryParser` iterates over each `&`-separated […]
CVE-2025-35939 – Craft CMS Unauthenticated Session File Injection Vulnerability
Craft CMS stores arbitrary content provided by unauthenticated users in session files. This content could be accessed and executed, possibly using an independent vulnerability. Craft CMS redirects requests that require authentication to the login page and generates a session file on the server at `/var/lib/php/sessions`. Such session files are named `sess_[session_value]`, where `[session_value]` is provided […]
CVE-2025-32441 – Rack Session Pool Session Hijacking Vulnerability
Rack is a modular Ruby web server interface. Prior to version 2.2.14, when using the `Rack::Session::Pool` middleware, simultaneous Rack requests can restore a deleted Rack session, which allows the unauthenticated user to occupy that session. Rack session middleware prepares the session at the beginning of the request, then saves it back to the store with possible […]
CVE-2025-0936 – Arista EOS gNMI Remote Credentials Disclosure
The following table lists the changes that have been made to the CVE-2025-0936 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] May. 07, 2025 Action […]