Aggregator

根据工作需要，中国信息安全测评中心面向社会公开招聘实习生。

根据工作需要，中国信息安全测评中心面向社会公开招聘实习生。

A vulnerability classified as problematic was found in Amazon WorkSpaces Client up to 2024.8 on Linux. The impacted element is an unknown function of the component Authentication Token Handler. The manipulation results in exposure of sensitive system information to an unauthorized control sphere. This vulnerability was named CVE-2025-12779. The attack needs to be approached locally. There is no available exploit. Upgrading the affected component is advised.

A vulnerability classified as problematic has been found in 3scale-sre marin3r up to 0.13.3. The affected element is an unknown function of the component DiscoveryServiceCertificate. The manipulation leads to missing authorization. This vulnerability is uniquely identified as CVE-2025-64171. The attack is possible to be carried out remotely. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability described as critical has been identified in HCL DevOps Loop 1.0.2. Impacted is an unknown function of the component API Authentication Middleware. Executing manipulation can lead to session expiration. This vulnerability is handled as CVE-2025-55278. The attack can be executed remotely. There is not any exploit available.

A vulnerability marked as critical has been reported in DataEase up to 2.10.14. This issue affects some unknown processing. Performing manipulation results in server-side request forgery. This vulnerability is known as CVE-2025-64163. Remote exploitation of the attack is possible. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability labeled as critical has been found in XiaozhangBang Voluntary Like System 8.8. This vulnerability affects unknown code of the file /topfirst.php of the component Pay Module. Such manipulation of the argument zhekou leads to improper authorization. This vulnerability is traded as CVE-2025-60784. The attack may be launched remotely. There is no exploit available.

A vulnerability identified as critical has been detected in Dataease up to 2.10.14. This affects an unknown part of the component JNDI Handler. This manipulation causes deserialization. This vulnerability appears as CVE-2025-64164. The attack may be initiated remotely. There is no available exploit. You should upgrade the affected component.

<p>Defense contractors are preparing their systems for the start of the upcoming CMMC rollout but what they may not have considered is how their relationship with Subcontractors and External Service Providers (ESPs),…</p>

Несколько лет адаптации — и победа над бюрократией стандартов.

Хакеры утверждают: в их руках оказались десятки гигабайт конфиденциальных материалов.

本文开发了 ScannerGrouper，这是首个独立于Darknet的互联网扫描探针组织溯源系统，旨在实现通用性、高效性，并适用于开放世界场景。

ELFSPIRIT is a comprehensive static analysis and injection framework designed to parse, manipulate, patch, and camouflage ELF files.

The post Binary Architect: ELFSPIRIT Framework Analyzes, Patches, and Camouflages ELF Files appeared first on Penetration Testing Tools.

Google is expanding the autofill capabilities of its Chrome browser, adding support for sensitive personal data such as

The post Convenience or Risk? Chrome Adds Autofill for Passports & Driver’s Licenses appeared first on Penetration Testing Tools.

Google has unveiled an updated version of its reCAPTCHA system — now markedly more flexible and intelligent in

The post Beyond Checkboxes: Google reCAPTCHA Updates to Risk-Based Scoring & Flexible Security Policies appeared first on Penetration Testing Tools.

The South Korean police have uncovered an organized extortion ring that stole the personal data of massage parlor

The post Blackmail Ring Busted: Gang Stole Client Data to Threaten Victims with Fake Tapes appeared first on Penetration Testing Tools.

The emergence of new AI-powered “smart browsers” is challenging the very foundations of how online content is protected.

The post Paywall Problem: AI Browsers Bypass Content Walls by Mimicking Human Users appeared first on Penetration Testing Tools.

То, что раньше считалось необратимым состоянием - теперь лечится. Благодаря пластинке из полимера PLGA.

A serious vulnerability has been discovered in AMD processors based on the Zen 5 architecture, posing a potential

The post Critical Crypto Flaw: AMD Zen 5 Bug Risks Predictable Encryption Keys (CVE-2025-62626) appeared first on Penetration Testing Tools.

当所有人都在追赶 AI，这群人正在重新定义主动权。