CVE ID : CVE-2025-47530
Published : May 23, 2025, 1:15 p.m. | 15 hours, 14 minutes ago
Description : Deserialization of Untrusted Data vulnerability in WPFunnels WPFunnels allows Object Injection. This issue affects WPFunnels: from n/a through 3.5.18.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-47532
Published : May 23, 2025, 1:15 p.m. | 15 hours, 14 minutes ago
Description : Deserialization of Untrusted Data vulnerability in CoinPayments CoinPayments.net Payment Gateway for WooCommerce allows Object Injection. This issue affects CoinPayments.net Payment Gateway for WooCommerce: from n/a through 1.0.17.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Our intense monitoring of tens of thousands of malicious samples helped this global disruption operation Source: Read More
The bustling cybercrime enterprise has been dealt a significant blow in a global operation that relied on the expertise of…
ESET Research shares its findings on the workings of Danabot, an infostealer recently disrupted in a multinational law enforcement operation…
Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab’s artificial intelligence (AI) assistant Duo that could have allowed…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday revealed that Commvault is monitoring cyber threat activity targeting applications…
A coordinated cyber takedown executed by international law enforcement this week has hit the ransomware economy where it hurts most—its…
The U.S. Justice Department has unsealed an indictment against Rustam Rafailevich Gallyamov, a Russian national accused of running a cybercrime…
A zero-day vulnerability in the Linux kernel’s SMB (Server Message Block) implementation, identified as CVE-2025-37899, has been discovered using OpenAI’s…
The U.S. Department of Justice (DoJ) on Thursday announced the disruption of the online infrastructure associated with DanaBot (aka DanaTools)…
In the ever-volatile world of decentralized finance (DeFi), yet another major exploit has shaken investor confidence—this time with a staggering…
Cybercriminals are getting smarter. Not by developing new types of malware or exploiting zero-day vulnerabilities, but by simply pretending to…
In an international law enforcement operation, 270 individuals involved in dark web criminal activity have been arrested across ten countries.…
Cloudflare has alerted users of a security vulnerability—tracked as CVE-2025-4366—in the widely used Pingora OSS framework. This vulnerability, a request…
From zero-day exploits to large-scale bot attacks — the demand for a powerful, self-hosted, and user-friendly web application security solution…
As part of the latest “season” of Operation Endgame, a coalition of law enforcement agencies have taken down about 300…
Cybersecurity researchers have disclosed that a threat actor codenamed ViciousTrap has compromised nearly 5,300 unique network edge devices across 84…
Nation-state threat actors targeting Commvault applications hosted in Microsoft Azure may be part of a broader campaign targeting Software-as-a-Service (SaaS)…
The malware known as Latrodectus has become the latest to embrace the widely-used social engineering technique called ClickFix as a…