Development

I never had to use Cucumber hooks in all my experience. I had to admit though, that I didn’t write the framework from scratch. At my last job, there framework was TestNG with Cucumber (that is why never had to use TEST annotation). Am I right, that if you have TestNG, you don’t need to use hooks, because you use TestNG Before/After annotation. In other words, you can’t use both. You can use ones or the others. And I think that using HOOKS defeats the purpose of having TestNG

In the Test Runner class I don’t fully understand this line ”’@RunWith(Cucumber.class)”’. If I am not mistaken, @RunWith is TestNG (and also JUnit) annotation. So, if you have Cucumber without those frameworks, how do you make your test cases run? Besides, what is in parenthesis defines a class Cucumber (that is what class keyword does), however that Class already exists. It is not a predefined class (like HashMap under utils). What is the purpose of creating a brand new class without any body?

Graphite spyware used in Apple iOS zero-click attacks on journalists

Forensic investigation has confirmed the use of Paragon’s Graphite spyware platform in zero-click attacks that targeted Apple iOS devices of at least two journalists in Europe.
Researchers at Citizen …
Read more

Published Date:
Jun 12, 2025 (4 hours, 26 minutes ago)

Vulnerabilities has been mentioned in this article.

Trend Micro fixes critical vulnerabilities in multiple products

Trend Micro has released security updates to address multiple critical-severity remote code execution and authentication bypass vulnerabilities that impact its Apex Central and Endpoint Encryption (TM …
Read more

Published Date:
Jun 12, 2025 (2 hours, 37 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE ID : CVE-2025-43863

Published : June 12, 2025, 6:15 p.m. | 3 hours, 46 minutes ago

Description : vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. If attacker gets access to an authenticated session, they can try to brute-force the user password by using the change password functionality: they can call that route infinitely which will return the message that password is wrong until it is correct. This vulnerability is fixed in 4.11.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-43866

Published : June 12, 2025, 6:15 p.m. | 3 hours, 46 minutes ago

Description : vantage6 is an open-source infrastructure for privacy preserving analysis. The JWT secret key in the vantage6 server is auto-generated unless defined by the user. The auto-generated key is a UUID1, which is not cryptographically secure as it is predictable to some extent. This vulnerability is fixed in 4.11.0.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-49081

Published : June 12, 2025, 6:15 p.m. | 3 hours, 46 minutes ago

Description : There is an insufficient input validation vulnerability in the warehouse
component of Absolute Secure Access prior to server version 13.55. Attackers
with system administrator permissions can impair the availability of the Secure
Access administrative UI by writing invalid data to the warehouse over the
network. The attack complexity is low, there are no attack requirements,
privileges required are high, and there is no user interaction required. There
is no impact on confidentiality or integrity; the impact on availability is
high.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-49576

Published : June 12, 2025, 7:15 p.m. | 2 hours, 46 minutes ago

Description : Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The citizen-search-noresults-title and citizen-search-noresults-desc system messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-49577

Published : June 12, 2025, 7:15 p.m. | 2 hours, 46 minutes ago

Description : Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various preferences messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-49578

Published : June 12, 2025, 7:15 p.m. | 2 hours, 46 minutes ago

Description : Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various date messages returned by `Language::userDate` are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-49575

Published : June 12, 2025, 7:15 p.m. | 2 hours, 46 minutes ago

Description : Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-49579

Published : June 12, 2025, 7:15 p.m. | 2 hours, 46 minutes ago

Description : Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-36539

Published : June 12, 2025, 8:15 p.m. | 1 hour, 46 minutes ago

Description : AVEVA PI Data Archive products
are vulnerable to an uncaught exception that, if exploited, could allow
an authenticated user to shut down certain necessary PI Data Archive
subsystems, resulting in a denial of service.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-2745

Published : June 12, 2025, 8:15 p.m. | 1 hour, 46 minutes ago

Description : A cross-site scripting vulnerability exists in AVEVA PI Web API version 2023
SP1 and prior that, if exploited, could allow an authenticated attacker
(with privileges to create/update annotations or upload media files) to
persist arbitrary JavaScript code that will be executed by users who
were socially engineered to disable content security policy protections
while rendering annotation attachments from within a web browser.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-48699

Published : June 12, 2025, 8:15 p.m. | 1 hour, 46 minutes ago

Description : Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4417

Published : June 12, 2025, 8:15 p.m. | 1 hour, 46 minutes ago

Description : A cross-site scripting vulnerability exists in
AVEVA PI Connector for CygNet
Versions 1.6.14 and prior that, if exploited, could allow an
administrator miscreant with local access to the connector admin portal
to persist arbitrary JavaScript code that will be executed by other
users who visit affected pages.

Severity: 5.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-44019

Published : June 12, 2025, 8:15 p.m. | 1 hour, 46 minutes ago

Description : AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if
exploited, could allow an authenticated user to shut down certain
necessary PI Data Archive subsystems, resulting in a denial of service.
Depending on the timing of the crash, data present in snapshots/write
cache may be lost.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4418

Published : June 12, 2025, 8:15 p.m. | 1 hour, 46 minutes ago

Description : An improper validation of integrity check value vulnerability exists in

AVEVA PI Connector for CygNet Versions 1.6.14 and prior that, if exploited,
could allow a miscreant with elevated privileges to modify PI Connector
for CygNet local data files (cache and buffers) in a way that causes the
connector service to become unresponsive.

Severity: 4.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5484

Published : June 12, 2025, 8:15 p.m. | 1 hour, 14 minutes ago

Description : A username and password are required to authenticate to the central
SinoTrack device management interface. The username for all devices is
an identifier printed on the receiver. The default password is
well-known and common to all devices. Modification of the default
password is not enforced during device setup. A malicious actor can
retrieve device identifiers with either physical access or by capturing
identifiers from pictures of the devices posted on publicly accessible
websites such as eBay.

Severity: 8.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…