Aggregator

LINEヤフー株式会社が提供するAndroidアプリ「Yahoo!ショッピング」には、Custom URL Scheme ハンドラーにおけるアクセス制限不備の脆弱性が存在します。

Also, Disney Pays $10M to Settle Child Privacy Case, Spain Scraps Huawei Deal
This week, Jaguar hack, Disney settled a child privacy case, Texas sued PowerSchool and federal prosecutors sued a toy maker. Spain voided a Huawei contract, Pennsylvania AG confirmed a ransomware attack. U.S. immigration enforcement resumed a spyware contract and Baltimore lost $1.5 million to BEC.

Startup to Expand Dual-Use Tech, Tackle GPS Jamming Threats With Series C Funding
With a $75 million Series C raise, Shift5 plans to scale its operational intelligence platform across military and commercial transportation. Its focus includes enhanced threat detection, predictive maintenance and data-driven safety measures amid rising cyberthreats to infrastructure.

Feds Ramp Up Enforcement of 21st Cures Act Regs Including Fines up to $1 Million
The Department of Health and Human Services says it's "cracking down" on healthcare providers, health IT developers and health information networks that "block" the exchange, access and use of patients' electronic health data. Info blocking regulations have been on the books for years, so why now?

ACI Worldwide's Cleber Martins on Why Banks Need to Lead on AI Identity Governance
The rise of agentic commerce is forcing the financial sector to reconsider traditional fraud controls. Automated transactions may follow all technical authorizations, but agentic AI tools lack an understanding of user intent. That disconnect could lead to a surge in first-party fraud.

クジラ飛行机が提供するPythonライブラリ「TkEasyGUI」には、複数の脆弱性が存在します。

图片：2025 年 8 月 29 日，美国参议院军事委员会主席、密西西比州共和党参议员罗杰·威克 (Roge

开源情报（OSINT）通过收集和分析公开信息，帮助深入了解一个人的多面性，包括其社交媒体行为、工作背景以及家庭

A vulnerability classified as critical has been found in Microsoft Edge. Impacted is an unknown function of the component Scripting Engine. Performing manipulation as part of Object results in memory corruption. This vulnerability is cataloged as CVE-2018-0775. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is suggested to install a patch to address this issue.

A vulnerability classified as critical was found in Microsoft Edge and ChakraCore. This affects an unknown part of the component Chakra Scripting Engine. Executing manipulation can lead to memory corruption. This vulnerability is registered as CVE-2018-8133. It is possible to launch the attack remotely. Furthermore, an exploit is available. It is advisable to implement a patch to correct this issue.

A vulnerability classified as critical was found in Microsoft Edge and ChakraCore. Affected is an unknown function of the component Scripting Engine. Such manipulation leads to memory corruption. This vulnerability is documented as CVE-2018-0946. The attack can be executed remotely. Additionally, an exploit exists. It is best practice to apply a patch to resolve this issue.

A vulnerability identified as critical has been detected in Microsoft ChakraCore. Impacted is an unknown function of the component Chakra Scripting Engine. The manipulation leads to memory corruption. This vulnerability is documented as CVE-2018-8384. The attack can be initiated remotely. Additionally, an exploit exists. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Microsoft Edge and classified as critical. This impacts the function AsmJSByteCodeGenerator::EmitCall of the component Scripting Engine. This manipulation as part of Object causes information disclosure. This vulnerability appears as CVE-2018-0780. The attack may be initiated remotely. In addition, an exploit is available. Applying a patch is the recommended action to fix this issue.

A vulnerability has been found in Microsoft Edge and ChakraCore and classified as critical. This affects an unknown function of the component Chakra Scripting Engine. This manipulation causes memory corruption. This vulnerability is registered as CVE-2018-8617. Remote exploitation of the attack is possible. Furthermore, an exploit is available. To fix this issue, it is recommended to deploy a patch.

A vulnerability was found in Microsoft Edge. It has been rated as problematic. Impacted is an unknown function of the component Scripting Engine. This manipulation as part of Object causes information disclosure. This vulnerability is handled as CVE-2018-0767. The attack can be initiated remotely. Additionally, an exploit exists. It is recommended to apply a patch to fix this issue.

控制者视角、收集时点与接收方可识别性

当前环境出现异常,需完成验证后方可继续访问。

谷歌推出 Nano Banana 工具助力 Gemini 获得 1,000 万新用户，并更名为 Gemini 2.5 Flash Image。免费版用户每天可编辑 100 次，付费版为 1,000 次。谷歌新增明水印和盲水印以识别 AI 图片。

/r/netsec是一个由社区管理的技术信息安全内容聚合器，旨在提取有价值的信息并提供给安全从业者、学生、研究人员和黑客。