mastodon.ie is one of the many independent Mastodon servers you can use to participate in the fediverse.
Irish Mastodon - run from Ireland, we welcome all who respect the community rules and members.

#vulnerability

115 posts, 38 participants, 5 posts today

WordPress AI Engine Plugin vulnerable to malicious file upload and remote code execution

A critical arbitrary file upload vulnerability (CVE-2025-7847) in the AI Engine WordPress plugin allows authenticated users with minimal privileges to upload malicious PHP files and achieve remote code execution when the Public API option is enabled.

**If you use the AI Engine WordPress plugin, check if you have enabled the "Public API" feature. If yes, either disable it or patch ASAP. Otherwise, keep to regular plugin updates for WordPress.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

Dahua smart camera flaws enable remote device takeover

Bitdefender reports buffer overflow vulnerabilities (CVE-2025-31700 and CVE-2025-31701) in Dahua Hero C1 smart cameras and multiple other product lines that allow unauthenticated attackers to achieve complete remote code execution and device takeover.

**If you have Dahua cameras (Hero C1, IPC-1XXX, IPC-2XXX, IPC-WX, IPC-ECXX, SD3A, SD2A, SD3D, SDT2A, SD2C series) make sure they are isolated from the internet with disabled UPnP and no port forwarding. Then update all devices to firmware versions released after April 16, 2025. There's a PoC exploit, so automated attacks will come very soon.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

Religious symbols weaponized, group uses Microsoft SharePoint RCE vulnerability to deliver 4L4MD4r ransomware

A serious remote code execution vulnerability in Microsoft SharePoint servers was exploited by hackers, affecting tens of thousands of servers globally. The mimo attack group, a financially motivated threat actor, utilized this vulnerability to deliver the 4L4MD4r ransomware, written in Golang and featuring function names with strong religious overtones. The attack chain involved downloading the payload from an Italian intermediary website and executing it. The ransomware encrypts files, renames them to base64 format, and leaves ransom notes. Despite 40 transactions recorded in the provided Bitcoin wallet, no ransoms of 0.005 BTC have been paid yet, indicating no victims have complied with the demands so far.

Pulse ID: 688ca78ff00082bce0dc1d5e
Pulse Link: otx.alienvault.com/pulse/688ca
Pulse Author: AlienVault
Created: 2025-08-01 11:39:59

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

Critical flaw in SUSE Manager exposes enterprise deployments to compromise

A critical authentication bypass vulnerability (CVE-2025-46811) in SUSE Manager's websocket infrastructure allows unauthenticated attackers to execute arbitrary commands with root privileges across entire managed infrastructures by exploiting the /rhn/websocket/minion/remote-commands endpoint.

**This one is URGENT: If you have SUSE Manager systems, immediately block network access to port 443 or isolate these systems from untrusted networks. Attackers can execute commands with root privileges without any authentication. Then plan an urgent update of the systems.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

Rockwell Automation patches critical VMware components in Rockwell Automation Lifecycle Services

CISA reported critical VMware vulnerabilities (CVE-2025-41236 through CVE-2025-41239) discovered at Pwn2Own 2025 that affect all generations of Rockwell Automation's industrial control systems and services using VMware infrastructure.

**If you have Rockwell Automation systems running on VMware (IDC, VVA, TDMS, etc.), contact Rockwell immediately if you have a managed services contract, or plan to apply the latest VMware/Broadcom security patches yourself if you don't. These vulnerabilities require local system access to exploit, so be very careful what you load as images on the Rockwell system. Make sure the system is isolated to trusted networks only and restrict physical and remote access to authorized personnel only.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

Critical vulnerability reported in Güralp FMUS seismic monitoring devices

CISA reported a critical vulnerability (CVE-2025-8286) in all Güralp Systems FMUS Series seismic monitoring devices that allows unauthenticated remote attackers to gain complete control through exposed Telnet interfaces. The vendor did not respond to coordinated disclosure efforts, leaving users without official patches or guidance. CISA recommends immediate network isolation and VPN-only remote access.

**If you have Güralp FMUS Series seismic monitoring devices, immediately isolate them from the internet and place them on a protected network segment since there's no security patch available. Only allow remote access through a secure VPN if absolutely necessary.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai
