CVE-2025-15212 — SQL injection in code-projects Refugee Food Management System 1.0 Threat Advisories CyberDefenderDecember 30, 2025December 30, 202510 mins0 CVE-2025-15212 is a SQL injection vulnerability affecting Refugee Food Management System (version 1.0) distributed on code-projects. The…continue reading..
CVE-2025-15284: When a Safety Limit Isn’t a Safety Limit — Breaking qs Array Parsing Threat Advisories AegironDecember 30, 2025December 30, 20258 mins0 CVE ID: CVE-2025-15284Severity: HIGHCVSS Score: 7.5Impact: Availability (Denial of Service) Exploitability Summary This vulnerability allows attackers to…continue reading..
CVE-2025-23458 – Reflected Cross-Site Scripting (XSS) in Rakessh Ads24 Lite plugin for WordPress Threat Advisories CyberDefenderDecember 30, 2025December 30, 20253 mins0 CVE-2025-23458 is a high-severity vulnerability involving Improper Neutralization of Input During Web Page Generation, commonly known as…continue reading..
CVE-2025-23469 – Reflected Cross-Site Scripting (XSS) in Sleekplan WordPress plugin Threat Advisories CyberDefenderDecember 30, 2025December 30, 20253 mins0 CVE-2025-23469 is a Reflected Cross-Site Scripting (XSS) security issue found in versions up to and including 0.2.0…continue reading..
CVE-2025-23550 — Reflected Cross-Site Scripting (XSS) in WordPress “Product Puller” plugin Threat Advisories CyberDefenderDecember 30, 2025December 30, 20252 mins0 CVE-2025-23550 is a Reflected Cross-Site Scripting (XSS) vulnerability affecting the WordPress “Product Puller” plugin (developed by Kemal…continue reading..
CVE-2025-23554 vulnerability in Jakub Glos Off Page SEO allows Reflected XSS Threat Advisories CyberDefenderDecember 30, 2025December 30, 20252 mins0 CVE-2025-23554 is a high-severity security vulnerability classified as Improper Neutralization of Input During Web Page Generation —…continue reading..
ColdFusion Servers Under Fire: Millions of Live Attacks Are Happening Right Now Cyber Threat Intelligence AegironDecember 30, 2025December 30, 20259 mins0 Security Alert Issued: December 29, 2024Attack Type: Mass exploitation campaign / webshell deploymentPrimary Target: Adobe ColdFusion application…continue reading..
January 2026 Countdown: Sweden’s NIS2 Cybersecurity Act CyberSecurity News CyberDefenderDecember 30, 2025December 30, 20256 mins0 The Cybersecurity Act (Swedish: Cybersäkerhetslagen) is Sweden’s national law transposing the EU’s NIS2 Directive into domestic legislation.…continue reading..
Codefinger: The Ransomware That Doesn’t Infect Your Servers — It Erases Your Cloud Cyber Threat Intelligence AegironDecember 30, 2025December 30, 202511 mins0 Threat Advisory Date: December 30, 2024Threat Name: Codefinger RansomwareTarget Platform: Amazon Web Services (AWS) S3Classification: Cloud-Native Ransomware…continue reading..
When Updates Turn Malicious: EmEditor Supply Chain Breach Exposes Developers to Credential Theft Cyber Threat Intelligence AegironDecember 30, 2025December 30, 202511 mins0 Incident Report Date: December 30, 2024Attack Classification: Supply Chain Compromise / Software Distribution Channel AttackSeverity: CRITICALThreat Actor:…continue reading..
