CVE Alert: CVE-2025-5086 – Dassault Systèmes – DELMIA Apriso
CVE-2025-5086 CRITICALExploitation active A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could lead...
Month: September 2025
HackerOne Bug Bounty Disclosure: stored-xss-on-tiktok-s-backend-leads-to-the-leakage-of-highly-sensitive-administrator-data-cookies-api-keys-internal-paths-emails-phone-numbers-ahmed-xyz
Company Name: TikTok Company HackerOne URL: https://hackerone.com/tiktok Submitted By:ahmed_xyzLink to Submitters Profile:https://hackerone.com/ahmed_xyz Report Title:Stored XSS on TikTok's backend leads to...
HackerOne Bug Bounty Disclosure: toctou-race-condition-in-http-connection-reuse-leads-to-certificate-validation-bypass–xrey
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:0xreyLink to Submitters Profile:https://hackerone.com/0xrey Report Title:TOCTOU Race Condition in HTTP/2 Connection Reuse...
HackerOne Bug Bounty Disclosure: chained-broken-access-control-in-tiktok-live-backstage-enables-full-control-of-public-leaderboard-activities-eneri
Company Name: TikTok Company HackerOne URL: https://hackerone.com/tiktok Submitted By:eneriLink to Submitters Profile:https://hackerone.com/eneri Report Title:Chained Broken Access Control in TikTok Live...
CVE Alert: CVE-2025-9018 – germanpearls – Time Tracker
CVE-2025-9018 HIGHNo exploitation known The Time Tracker plugin for WordPress is vulnerable to unauthorized modification and loss of data due...
CVE Alert: CVE-2025-9874 – webcodingplace – Ultimate Classified Listings
CVE-2025-9874 HIGHNo exploitation known The Ultimate Classified Listings plugin for WordPress is vulnerable to Local File Inclusion in all versions...
CVE Alert: CVE-2025-8417 – idiatech – Catalog Importer, Scraper & Crawler
CVE-2025-8417 HIGHNo exploitation known The Catalog Importer, Scraper & Crawler plugin for WordPress is vulnerable to PHP code injection in...
CVE Alert: CVE-2025-9693 – khaledsaikat – User Meta – User Profile Builder and User management plugin
CVE-2025-9693 HIGHNo exploitation known The User Meta – User Profile Builder and User management plugin plugin for WordPress is vulnerable...
CVE Alert: CVE-2025-8422 – fassionstorage – Propovoice: All-in-One Client Management System
CVE-2025-8422 HIGHNo exploitation known The Propovoice: All-in-One Client Management System plugin for WordPress is vulnerable to Arbitrary File Read in...
CVE Alert: CVE-2025-9073 – maheshmthorat – All in one Minifier
CVE-2025-9073 HIGHNo exploitation known The All in one Minifier plugin for WordPress is vulnerable to SQL Injection via the 'post_id'...
CVE Alert: CVE-2025-8425 – mythemeshop – My WP Translate
CVE-2025-8425 HIGHNo exploitation known The My WP Translate plugin for WordPress is vulnerable to unauthorized modification of data that can...
Anthropic’s Claude Code Runs Code To Test If It Is Safe – Which Might Be A Bigmistake
App security outfit Checkmarx says automated reviews in Anthropic's Claude Code can catch some bugs but miss others – and...
Nokia Successor Hmd Spawns Secure Device Biz With Euro Made Smartphone
Finnish phone maker HMD Global is launching a business unit called HMD Secure to target governments and other security-critical customers,...
Jaguar Land Rover U Turns To Confirm ‘some Data’ Affected After Cyber Prang
Jaguar Land Rover (JLR) says "some data" was affected after the luxury car maker suffered a digital break-in early last...
Cybercrooks Ripped The Wheels Off At Jaguar Land Rover. Here’s How Not To Gettaken For A Ride
Feature Jaguar Land Rover (JLR) is the latest UK household name to fall victim to a major cyberattack. IT systems...
Atlassian’s Move To Cloud Only Means Customers Face Integration Issues And More
Atlassian is discontinuing its datacenter products, including Jira, Confluence and Bamboo, in favor of Atlassian Cloud. There is a partial...
Cobalt Strike Beacon Detected – 8[.]140[.]239[.]162:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 1[.]15[.]34[.]67:7777
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 101[.]43[.]91[.]156:18081
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 119[.]29[.]254[.]242:9898
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 117[.]72[.]159[.]96:8085
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 101[.]132[.]173[.]62:4444
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 47[.]243[.]175[.]24:8444
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 47[.]120[.]32[.]72:8069
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
