Aggregator

2025年3月24日，深瞳漏洞实验室监测到一则NextJS组件存在绕过认证漏洞的信息，漏洞编号：CVE-2025-29927，漏洞威胁等级：高危。

2025年3月24日，深瞳漏洞实验室监测到一则NextJS组件存在绕过认证漏洞的信息，漏洞编号：CVE-2025-29927，漏洞威胁等级：高危。

2025年3月24日，深瞳漏洞实验室监测到一则NextJS组件存在绕过认证漏洞的信息，漏洞编号：CVE-2025-29927，漏洞威胁等级：高危。

2025年3月24日，深瞳漏洞实验室监测到一则NextJS组件存在绕过认证漏洞的信息，漏洞编号：CVE-2025-29927，漏洞威胁等级：高危。

A vulnerability was found in Premium Addons for Elementor Plugin up to 4.10.33 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-5553. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Custom Field Suite Plugin up to 2.6.7 on WordPress. Affected is an unknown function. The manipulation of the argument cfs[post_content] leads to cross site scripting. This vulnerability is traded as CVE-2024-3559. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability classified as problematic was found in CoDesigner WooCommerce Builder for Elementor Plugin up to 4.4.1 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-4564. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Microsoft Windows 11 22H2/11 23H2/Server 2022 23H2. It has been rated as critical. Affected by this issue is some unknown functionality of the component Event Trace Log File Parser. The manipulation leads to integer overflow. This vulnerability is handled as CVE-2024-30072. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical has been found in Microsoft Windows Server 2008 R2 SP1/Server 2008 SP2. This affects an unknown part of the component Link Layer Topology Discovery Protocol. The manipulation leads to heap-based buffer overflow. This vulnerability is uniquely identified as CVE-2024-30074. The attack can only be initiated within the local network. There is no exploit available. It is recommended to apply a patch to fix this issue.

首席信息安全官正处在安全运营的关键十字路口：从“传统 SOC”转向“AI 原生 SOC”。

隐私换股权？

Фейковая игра дала дорогу хакерам в системы игроков.

Стартап IntuiCell стёр грань между живым и искусственным разумом.

Как взломать систему доверия Windows за $10 в месяц.

Cloudflare has unveiled AI Labyrinth, an innovative platform designed to combat AI-powered bots that relentlessly crawl and scrape data from websites without permission. By employing AI-generated content, AI Labyrinth cleverly slows down and misdirects these bots, safeguarding legitimate websites while enhancing bot detection capabilities. What is AI Labyrinth? AI Labyrinth is a proactive defense mechanism that […]

The post Cloudflare Reveals AI Labyrinth to Counter Automated AI Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Downdetector зафиксировал более 1500 жалоб на Lovit.

В Next.js обнаружена уязвимость, открывающая доступ к защищённым ресурсам.

The FBI warns of a significant increase in scams involving free online document converters to infect users with malware. The FBI warns that threat actors use malicious online document converters to steal users’ sensitive information and infect their systems with malware. “The FBI Denver Field Office is warning that agents are increasingly seeing a scam […]

报告时间：2025年3月28日（周五）上午09:30

报告时间：2025年3月28日（周五）上午09:30