For individuals | HunCERT group

20 May 2025

Biztonsági szemle

RomethemeKit For Elementor plugin impacted by RCE bug

Widely used WordPress plugin RomethemeKit for Elementor was discovered to be affected by a critical security vulnerability, tracked as CVE-2025-30911, which could be leveraged to facilitate remote code execution, Infosecurity Magazine reports.

scmagazine.com

20 May 2025

Biztonsági szemle

Trio of spyware apps shut down

TechCrunch reports that operations of the almost identical mobile surveillance apps Cocospy, Spyzie, and Spyic have been halted.

scmagazine.com

20 May 2025

Riasztás

CVE-2023-38950 - ZKTeco BioTime Path Traversal sérülékenysége

nki.gov.hu

20 May 2025

Riasztás

CVE-2025-27920 - Srimax Output Messenger Directory Traversal sérülékenysége

nki.gov.hu

20 May 2025

Riasztás

CVE-2025-4428 - Ivanti Endpoint Manager Mobile (EPMM) Code Injection sérülékenysége

nki.gov.hu

20 May 2025

Riasztás

CVE-2025-4427 - Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass sérülékenysége

nki.gov.hu

20 May 2025

Riasztás

CVE-2024-11182 - MDaemon Email Server Cross-Site Scripting (XSS) sérülékenysége

nki.gov.hu

20 May 2025

Riasztás

CVE-2024-27443 - Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) sérülékenysége

nki.gov.hu

19 May 2025

Biztonsági szemle

Crawlomatic WordPress plugin patched for critical 9.8 RCE flaw

Arbitrary file upload is made possible by a missing file type validation.

scmagazine.com

19 May 2025

Biztonsági szemle

'Operation RoundPress' Targets Ukraine in XSS Webmail Attacks

A cyber-espionage campaign is targeting Ukrainian government entities with a series of sophisticated spear-phishing attacks that exploit XSS vulnerabilities.

darkreading.com

Phone:	+36 1 279 6222 9am to 4pm
E-mail:	@email
Address:	H-1111 Budapest, Kende u. 13-17.