Aggregator

Мошенническая схема под видом торгового помощника набирает обороты.

Microsoft has fixed a known issue that prevents some apps launched from non-admin accounts from starting on Windows 10 22H2 systems after installing the September preview cumulative update. [...]

AMD 正式宣布了被誉为最强游戏 CPU 的 Ryzen 7 9800X3D，售价 479 美元，11 月 7 日上市。Ryzen 7 9800X3D 为 8 核 16 线程处理器，其中 3D V-Cache 64MB，总缓存 104MB。它使用了第二代 3D V-Cache，其放置位置从处理器核心的上方转移到下方，靠近散热器，因此温度控制更出色，功耗为 120 瓦。它的游戏性能比上一代的 Ryzen 7 7800X3D 提升 8%，比竞争对手英特尔的 Core Ultra 9 285K Arrow Lake 提升 20%。

Election interference, American Water and the Internet Archive breaches, new cybersecurity laws, and more – October saw no shortage of impactful cybersecurity news stories

Linux 项目最近以合规为由移除了多名内核维护者。俄罗斯数字部回应称这是歧视行为，表示计划建立本国的替代 Linux 社区。目前尚不清楚俄罗斯是否打算创建和维护一个 Linux 分支。此前 Linux 作者 Linus Torvalds 公开表示作为芬兰人，不会支持俄罗斯的侵略行为。大部分被移除的内核维护者就职于被美国制裁的俄罗斯公司。卡巴斯基的一位专家认为，Linux 项目可能会增加对来自俄罗斯开发者递交补丁的怀疑。一家开发开源数据库管理系统的公司创始人 Ivan Panchenko 表示，俄罗斯开发者对内核贡献并不多，因此影响有限，来自俄罗斯的普通软件 bug 修复补丁可能会继续接受。

A vulnerability, which was classified as critical, was found in DrayTek Vigor 3900 1.5.1.3. This affects the function sign_cacertificate of the file mainfunction.cgi. The manipulation leads to command injection. This vulnerability is uniquely identified as CVE-2024-51254. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in DrayTek Vigor 3900 1.5.1.3. Affected by this issue is the function setup_cacertificate of the file mainfunction.cgi. The manipulation leads to command injection. This vulnerability is handled as CVE-2024-51259. Access to the local network is required for this attack. There is no exploit available.

A vulnerability classified as critical was found in Beckhoff TwinCAT Package Manager. Affected by this vulnerability is an unknown functionality. The manipulation leads to os command injection. This vulnerability is known as CVE-2024-8934. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

abyss0 is Allegedly Selling Data of Temenos Quantum Fabric

A vulnerability classified as problematic has been found in Clibo Manager 1.1.9.12. Affected is an unknown function of the file /public/login. The manipulation leads to improper restriction of rendered ui layers. This vulnerability is traded as CVE-2024-10454. It is possible to launch the attack remotely. There is no exploit available.

abyss0 is Allegedly Selling the Data of MyRepublic

Google 最近调整了搜索排名算法，Reddit 成为这一修改的大赢家，但很多独立网站备受打击，流量大幅下降。提供空气净化器独立评测的 HouseFresh.com 报告在去年 9 月修

LottieFiles has revealed that its npm package "lottie-player" was compromised as part of a supply chain attack, prompting it to release an updated version of the library. "On October 30th ~6:20 PM UTC - LottieFiles were notified that our popular open source npm package for the web player @lottiefiles/lottie-player had unauthorized new versions pushed with malicious code," the company said in a

A vulnerability was found in langflow 1.0.12. It has been rated as critical. This issue affects some unknown processing of the component PythonCodeTool. The manipulation leads to Privilege Escalation. The identification of this vulnerability is CVE-2024-42835. The attack may be initiated remotely. There is no exploit available.

Om te kunnen trainen met de 5 bestelde Embraer C-390 Millennium militaire transportvliegtuigen koopt Defensie simulatoren. Vanmiddag is dat contractueel vastgelegd bij het Air Mobility Training Centre, tegenover Vliegbasis Gilze-Rijen. Een mooie aanwinst voor de opleiding en training van personeel. En een aankoop waardoor er minder gevlogen hoeft te worden. De levering staat gepland voor eind 2026.

mommy is Allegedly Selling Unauthorized Access to CyberLink