Aggregator

A vulnerability classified as problematic was found in mkucej i-librarian-free up to 5.11.1. This vulnerability affects unknown code. The manipulation leads to basic cross site scripting. This vulnerability was named CVE-2024-50344. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Atlanta, Georgia, 30th October 2024, CyberNewsWire

The post ATPC Cyber Forum to Focus on Next Generation Cybersecurity and Artificial Intelligence Issues appeared first on Security Boulevard.

A vulnerability classified as problematic has been found in Easy SVG Upload Plugin up to 1.0 on WordPress. This affects an unknown part of the component SVG File Upload Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-9708. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Woo Manage Fraud Orders Plugin up to 6.1.7 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Log File Handler. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2024-10544. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability was found in Wpsoul Greenshift Plugin up to 9.7 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to incorrect authorization. This vulnerability is known as CVE-2024-50419. The attack can be launched remotely. There is no exploit available.

A Threat Actor Allegedly Has Leaked Part 1 of Interbank Data

A Threat Actor Has Allegedly Leaked Data of Opencell

Vendor Blames Delta's Outage Severity on Its 'Own Response and IT Infrastructure'
CrowdStrike has countersued customer Delta Air Lines, accusing the airline of employing a lawsuit and seeking damages in "a desperate attempt to shift blame" for Delta's own IT inadequacies having exacerbated its outage, unlike "other major airlines" that quickly resumed operations.

Wi-Fi 测试套件的安全漏洞可能使未经身份验证的本地攻击者以提升的权限执行任意代码。

A vulnerability has been found in Apple watchOS up to 3.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Kernel. The manipulation leads to memory corruption. This vulnerability is known as CVE-2017-2473. Attacking locally is a requirement. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

将LLM用于网络犯罪论坛的威胁情报 by ourren

更多最新文章，请访问SecWiki

Google 主导开发的 Flutter 项目是广泛使用的跨平台 UI 工具箱。粗略估计全世界有一百万使用 Flutter 的开发者，但你知道 Google 有多少名 Flutter 开发者？粗略估计只有 50 人。2023 年 Google 在公司内部进行了大规模裁员，Flutter 团队也裁掉了少许员工。Google 对 AI 的关注降低了 Flutter 的优先度，Flutter 支持的 6 个平台有 3 个处于维护模式。它陷入了停滞。Google Flutter 团队欢迎来自外部开发者的贡献，然而与 Google 打过交道的开发者报告双方的沟通体验非常糟糕，bug 修复缓慢而迟钝。在这一背景下，社区开发者宣布创建 Flutter 分支 Flock。开发者表示他们不想要分裂 Flutter 社区，会与 Flutter 保持同步，同时合并重要的 bug 修复和社区迫切想要的功能，不再受到官方开发团队人手不足响应缓慢的约束。

mommy is Allegedly Selling Root Access of Tiphone Mobile Indonesia Tbk, PT

Hollywood loves a good thriller—and so do many of us. From Fatal Attraction to You, stalking is a recurring theme that keeps viewers glued to their screens. One of the latest installments in this genre, Netflix’s Baby Reindeer, pulls no punches in showing the terrifying lengths stalkers will go to, be it online or real life.  

The post Baby Reindeer—The dangers of real-life stalkers appeared first on Security Boulevard.

The North Korean state-sponsored hacking group tracked as 'Andariel' has been linked to the Play ransomware operation, using the RaaS to work behind the scenes and evade sanctions. [...]

在 2023 年披露的 138 个被积极利用的漏洞中，有 97 个被用作零日漏洞。