Aggregator

Given the serious financial and reputational risks of incidents that grind business to a halt, organizations need to prioritize a prevention-first cybersecurity strategy

Salesloft has revealed that threat actors targeted customer Salesforce data after breaching its GitHub account

CCF智能汽车大赛（CCF Intelligent Vehicle Competition, CCF IVC）是中国计算机学会（CCF）主办的面向智能汽车领域的旗舰竞赛，每年举办一届，大赛旨在推进人才培养和个人成长。首届CCF智能汽车大赛（CCF IVC 2025）与第三届CCF智能汽车学术年会（CIVS 2025）同期举办。本届竞赛分为汽车安全攻防赛、自动驾驶仿真赛两个赛项。 本文是汽车安全攻防

Мессенджер будет хранить твои фоточки. И даже гифки.

2025 QECon全球软件质量&效能大会将于9月12-13日在上海明捷万丽酒店举行。

Currently trending CVE - Hype Score: 7 - The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs.

Currently trending CVE - Hype Score: 9 - In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and ...

Currently trending CVE - Hype Score: 1 - There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can ...

Currently trending CVE - Hype Score: 8 - A path traversal vulnerability has been reported to affect VioStor. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following ...

Currently trending CVE - Hype Score: 8 - An improper authentication vulnerability has been reported to affect VioStor. If a remote attacker, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version: VioStor 5.1.6 build 20250621 ...

Currently trending CVE - Hype Score: 3 - SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a ...

Currently trending CVE - Hype Score: 1 - Windows Kernel Elevation of Privilege Vulnerability

Малоизвестная компания из КНР предлагает готовые решения для тотального контроля над гражданами.

Cybersecurity researchers at FortiGuard Labs have uncovered a sophisticated phishing campaign that deploys the MostereRAT remote access trojan to compromise Windows systems. The malware leverages advanced evasion techniques and installs legitimate remote access tools like AnyDesk and TightVNC to maintain persistent, covert access to infected machines. The attack begins with carefully crafted phishing emails targeting […]

The post MostereRAT Exploits AnyDesk and TightVNC for Remote Access on Windows Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

2025年国家社会科学基金年度项目立项名单

Jaguar Land Rover’s UK factories will remain closed until at least Wednesday as the company continues to recover from a cyberattack that struck its systems on 31 August. The carmaker shut down its IT networks in response to the breach, halting production at its Halewood and Solihull plants, Wolverhampton engine facility, and sites in Slovakia, […]

The post Jaguar Land Rover Halts Operations Longer Due to Cyberattack Impact appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Что будет, если «сжать» свет в сотни раз? Учёные нашли ответ.

A new exploitation method has been discovered for the Linux kernel use-after-free (UAF) vulnerability tracked as CVE-2024-50264. The vulnerability was awarded the Pwnie Award 2025 for Best Privilege Escalation due to its complexity and impact on major Linux distributions. Researchers developed innovative techniques to bypass kernel slab allocator and race condition protections, making exploitation much more feasible than […]

The post New Exploitation Method Discovered for Linux Kernel Use-After-Free Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

“A9 Team 甲方攻防团队，成员来自某证券、微步、青藤、长亭、安全狗等公司。成员能力涉及安全运营、威胁情

Losing a phone can mean losing years of conversations. Signal is rolling out a new secure backup feature to help users keep their messages safe without giving up privacy. The problem with lost chats Signal has long avoided cloud backups because they create privacy risks. Storing chats on a company’s servers can expose personal data if that service is hacked or pressured by governments. Until now, Signal only allowed local backups stored on a user’s … More →

The post Signal adds secure backup option for chat history appeared first on Help Net Security.