Aggregator

A vulnerability classified as critical has been found in projectworlds Travel Management System 1.0. Affected is an unknown function of the file loginform.php. The manipulation of the argument username/password leads to sql injection. This vulnerability is traded as CVE-2024-51327. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in projectworlds Travel Management System 1.0. Affected by this issue is the function deletesubcategory of the file deletesubcategory.php. The manipulation of the argument t2 leads to sql injection. This vulnerability is handled as CVE-2024-51326. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Combodo iTop up to 2.7.8/3.0.3. This affects an unknown part of the file pages/ajax.searchform.php. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2023-34444. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Combodo iTop up to 2.7.8/3.0.3. It has been declared as problematic. This vulnerability affects unknown code of the component Run Queries Page. The manipulation leads to cross site scripting. This vulnerability was named CVE-2023-34443. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Роскомнадзор разрабатывает автономную интернет-инфраструктуру.

Когда за фасадом оптимизации кроется цифровой рэкет.

根据科罗拉多大学和加州河滨分校的一项新研究，成年人每周坐着的时间超过 60 个小时，这可能会增加他们患心脏病的风险，并加速其他衰老迹象的出现。这项研究对 1000 多名年龄在 28 至 4

In a time of increasingly sophisticated cross-domain attacks, relying solely on automated solutions isn't enough.

经过了前几年机械键盘价格战的洗礼，键盘市场开始回归稳定，缓慢退烧，基本形成了跟目前游戏鼠标市场一样稳定分层的价位档次。同样的事情目前正在磁轴领域发生，不久之后，磁轴键盘应该也会以性能和整体做工分出层次

A Threat Actor Has Allegedly Leaked the Data of Alrajhi Bank

Data Privacy / Tech RegulationMeta has been fined 21.62 billion won ($15.67 million) by South Kore

图像编辑自由软件项目 GIMP 终于发布了 v3.0 的第一个 RC 版本，但目前只能通过 Git 获取，官网尚未提供二进制版本下载。GIMP 3.0 是一次用户期待已久的重大更新，其变化

A Threat Actor Has Allegedly Leaked Data of Regional Government of Ica

Google has announced that, by the end of 2025, multi-factor authentication (MFA) – aka 2-step verification – will become mandatory for all Google Cloud accounts. “Given the sensitive nature of cloud deployments — and with phishing and stolen credentials remaining a top attack vector observed by our Mandiant Threat Intelligence team — we believe it’s time to require [2-step verification] for all users of Google Cloud,” said Mayank Upadhyay, VP of Engineering and Distinguished Engineer, … More →

The post All Google Cloud users will have to enable MFA by 2025 appeared first on Help Net Security.

The trailblazing scientist shares her reasons for hope in the fight against climate change and how we can tackle seemingly impossible problems and keep going in the face of adversity

A vulnerability classified as critical has been found in Ericsson CodeChecker up to 6.24.1. Affected is an unknown function of the file /Authentication of the component API Endpoint. The manipulation leads to authentication bypass using alternate channel. This vulnerability is traded as CVE-2024-10081. It is possible to launch the attack remotely. There is no exploit available.

Atakama announced the latest expansion of its Managed Browser Security Platform, introducing DNS filtering explicitly designed for Managed Service Providers (MSPs). This new feature enables comprehensive in-browser and network-level filtering, providing a full-spectrum DNS solution that secures browsers and entire network environments. Atakama’s Managed Browser Security Platform transforms the browser into a secure foundation, empowering MSPs with enhanced visibility and control over client web activity. The platform now includes advanced capabilities such as category-based filtering … More →

The post Atakama introduces DNS filtering designed for MSPs appeared first on Help Net Security.