BreachForums broken up? French police arrest five members of notorious cybercrime site

June 28, 2025

Suspected high-ranking members of one of the world’s largest online marketplaces for leaked data have been arrested by French police.

Read more in my article on the Hot for Security blog.

Source: Read More

Previous ArticleFBI Warns of Scattered Spider’s Expanding Attacks on Airlines Using Social Engineering

Next Article GIFTEDCROOK Malware Evolves: From Browser Stealer to Intelligence-Gathering Tool

Highlights

CVE-2025-46825 – Kanboard Stored Cross-Site Scripting (XSS) Vulnerability

May 12, 2025

CVE ID : CVE-2025-46825

Published : May 12, 2025, 11:15 p.m. | 28 minutes ago

Description : Kanboard is project management software that focuses on the Kanban methodology. Versions 1.2.26 through 1.2.44 have a Stored Cross-Site Scripting (XSS) Vulnerability in the `name` parameter of the `http://localhost/?controller=ProjectCreationController&action=create` form. This vulnerability allows attackers to inject malicious scripts into web pages viewed by other users. Note that the default content security policy (CSP) blocks the JavaScript attack, though it can be exploited if an instance is badly configured and the software is vulnerable to CSS injection because of the unsafe-inline on the default CSP. Version 1.2.45 contains a fix for the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

Your Slack app is getting a big upgrade – here’s how to try the new AI features

5 Kindle accessories every user should have (and why they make such a big difference)

These premium outdoor speakers made me reconsider switching to Bluetooth audio – here’s why

Google just gave its Photos app the feature upgrade it deserves – here’s what’s new

How Code Feedback MCP Enhances AI-Generated Code Quality

How Code Feedback MCP Enhances AI-Generated Code Quality

PRSS Site Creator – Create Blogs and Websites from Your Desktop

Say hello to ECMAScript 2025

HopToDesk – remote desktop tool

HopToDesk – remote desktop tool

Le notizie minori del mondo GNU/Linux e dintorni della settimana nr 26/2025

Wayland vs X11: progresso necessario o strategia di marketing?

BreachForums broken up? French police arrest five members of notorious cybercrime site

Bluetooth flaws could let hackers spy through your microphone

CVE-2025-6862 – SourceCodester Best Salon Management System SQL Injection Vulnerability

CVE-2025-36521 – MicroDicom DICOM Viewer Out-of-Bounds Read Vulnerability

Raspberry Pi OS – Debian-based distro

CVE-2025-5641 – “Radare2 Memory Corruption Vulnerability in r_cons_is_breaked Function”

Anthropic launches Claude for Education, an AI to help students think critically

CVE-2025-46825 – Kanboard Stored Cross-Site Scripting (XSS) Vulnerability

CISA Adds Erlang SSH and Roundcube Flaws to Known Exploited Vulnerabilities Catalog

CVE-2025-4737 – Vivo Voice Assistant SSL/TLS Weakness

The AI for Science Forum: A new era of discovery

BreachForums broken up? French police arrest five members of notorious cybercrime site

Related Posts