Aggregator

Новый мессенджер собирается конкурировать с лидерами рынка. Но реальность оказалась далека от амбиций.

A vulnerability has been found in Paysyspro Com Wmi 1.5.0 and classified as problematic. This vulnerability affects unknown code of the file wmi.php. The manipulation of the argument controller leads to path traversal. This vulnerability is traded as CVE-2010-1607. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability categorized as critical has been discovered in Visocrea Com Joomla Visites 1.1. This affects an unknown function of the file core/include/myMailer.class.php. The manipulation of the argument mosConfig_absolute_path results in code injection. This vulnerability is identified as CVE-2010-2918. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability has been found in Ternaria Com Vjdeo 1.0.1 and classified as problematic. The affected element is an unknown function of the file index.php. The manipulation of the argument controller leads to path traversal. This vulnerability is referenced as CVE-2010-1354. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability was found in Joomlamo Com Weberpcustomer up to 1.2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file weberpcustomer.php. Such manipulation of the argument controller leads to path traversal. This vulnerability is documented as CVE-2010-1315. The attack can be executed remotely. Additionally, an exploit exists. It is recommended to upgrade the affected component.

A vulnerability has been found in Dev.pucit.edu.pk Com Webtv 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument controller leads to path traversal. This vulnerability is documented as CVE-2010-1470. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability classified as critical was found in Com Weblinks on Joomla. Impacted is an unknown function of the file index.php. Executing manipulation of the argument Itemid can lead to sql injection. The identification of this vulnerability is CVE-2010-4938. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability identified as critical has been detected in Componentslab Com Sqlreport 1.1. This affects an unknown function of the file administrator/components/com_sqlreport/ajax/print.php. Performing manipulation of the argument user_id results in sql injection. This vulnerability is known as CVE-2010-0753. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability was found in Joomlamo Com Userstatus 1.21.16. It has been rated as problematic. This impacts an unknown function of the file userstatus.php. This manipulation of the argument controller causes path traversal. This vulnerability appears as CVE-2010-1304. The attack may be initiated remotely. In addition, an exploit is available.

A vulnerability, which was classified as problematic, has been found in Webkul Com Ultimateportfolio 1.0. The impacted element is an unknown function of the file index.php. This manipulation of the argument controller causes path traversal. This vulnerability is registered as CVE-2010-1659. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability identified as problematic has been detected in Peter Hocherl Com Tweetla 1.0.1. Impacted is an unknown function of the file index.php. This manipulation of the argument controller causes path traversal. This vulnerability is registered as CVE-2010-1533. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

文章探讨了隐藏的网络安全威胁，包括社会工程、影子IT、智能设备漏洞、供应链攻击及未来AI与量子计算风险。这些威胁利用技术与人为失误对企业与个人构成潜在危害。

Beyond ransomware and phishing, hidden cyberthreats are rising — from AI-driven deepfakes and scams to shadow IT, and supply chain attacks.

The post The Cyberthreats No One Talks About but Everyone Faces appeared first on Security Boulevard.

大质量黑洞通常被视为星系的“心脏”，位于星系中心。但越来越多的观测表明，部分黑洞会偏离核心，在星系盘或外侧边缘地带“游离”。矮星系质量小、演化历史相对简单，其保存了早期黑洞成长的线索。理论预测表明，星系合并后的引力波反冲或多体相互作用，使黑洞在浅引力势阱的矮星系里，易被踢出中心，成为在星系外围游荡的黑洞。上海天文台的团队在距离地球约 2.3 亿光年（红移 z≈0.017）的矮星系 MaNGA 12772-12704里，发现了一个黑洞，它没有待在星系核心，而是偏离中心近 1 千秒差距（约 3 千光年），并喷射出射电喷流。研究团队估计其约为 30 万倍太阳质量，属于中等质量黑洞范畴。

The China-backed threat actors have used the previously undiscovered infrastructure to obtain long-term, stealthy access to targeted organizations.

Submit #645003 / VDB-221591

网络安全法修正草案9月8日首次提请全国人大常委会会议审议。

A vulnerability identified as problematic has been detected in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_usuario_cad.php of the component Editar usuário Page. This manipulation of the argument email/data_inicial/data_expiracao causes cross site scripting. The identification of this vulnerability is CVE-2025-10099. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

文章总结了本周网络安全领域的重大事件和趋势,包括Salesloft-Drift供应链攻击、多个高风险CVE漏洞被利用、威胁行为者动态及安全工具更新等,并提供了锁定路由器的安全建议以应对日益复杂的网络威胁。

Cybersecurity never slows down. Every week brings new threats, new vulnerabilities, and new lessons for defenders. For security and IT teams, the challenge is not just keeping up with the news—it’s knowing which risks matter most right now. That’s what this digest is here for: a clear, simple briefing to help you focus where it counts. This week, one story stands out above the rest: the