Aggregator

As artificial intelligence (AI) becomes more advanced and widely used, so does its use for nefarious purposes. Bad actors are using AI to increase the efficacy of cyberattacks. AI systems can be leveraged in many types of attacks—including distributed denial-of-service (DDoS) attacks, where they optimize the attack to...

A vulnerability was found in Linux Kernel up to 6.7/6.7.6. It has been rated as problematic. Affected by this issue is some unknown functionality of the component think-lmi. The manipulation leads to Privilege Escalation. This vulnerability is handled as CVE-2024-26836. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.7.10/6.8.1. This affects the function adv7511_probe of the component bridge. The manipulation leads to uninitialized pointer. This vulnerability is uniquely identified as CVE-2024-26876. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.8.6. Affected is an unknown function of the component Bluetooth. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2024-35964. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.90/6.6.30/6.8.9. This affects the function blk_ioctl_discard of the component block. The manipulation leads to buffer overflow. This vulnerability is uniquely identified as CVE-2024-36917. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.8.9. It has been rated as problematic. Affected by this issue is the function accept_memory. The manipulation leads to denial of service. This vulnerability is handled as CVE-2024-36936. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.8.7/6.9-rc4. It has been classified as critical. Affected is the function nft_mapelem_activate of the component nf_tables. The manipulation leads to memory leak. This vulnerability is traded as CVE-2024-27012. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Pidgin up to 2.10.x and classified as critical. This issue affects some unknown processing of the component MXIT MultiMX Message Handler. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2016-2374. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

error code: 521

「免费」魔力。

由

watchTowr announced a $19 million Series A funding round led by Peak XV, formerly known as Sequoia India & Southeast Asia, with repeat participation from Prosus Ventures and Cercano Management. The company will use the funds to capture market leadership and accelerate global growth by expanding its go-to-market, research and engineering teams. The latest investment brings its total funding raised to $29 million. Over the past year, watchTowr has seen significant adoption from critical infrastructure … More →

The post watchTowr raises $19 million to accelerate global growth appeared first on Help Net Security.

Mozilla has pushed out an emergency update for its Firefox and Firefox ESR browsers to fix a vulnerability (CVE-2024-9680) that is being exploited in the wild. About CVE-2024-9680 Reported by ESET malware researcher Damien Schaeffer, CVE-2024-9680 is a use-after-free vulnerability in the browser’s Animation timelines and, according to Mozilla, has been exploited to achieve code execution in the content process. Additional details about the vulnerability or the attacks are yet to be shared. According to … More →

The post Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680) appeared first on Help Net Security.

Dr.Web раскрывает схему масштабного обмана на тысячи долларов.

Vulnerability / Browser SecurityMozilla has revealed that a critical security flaw impacting Firef

这篇文字来自 heige 投稿，我好像很久都没打理本懒号了，突然感觉也挺对得起本懒号的名字...

Cybersecurity researchers are warning about an unpatched vulnerability in Nice Linear eMerge E3 access controller systems that could allow for the execution of arbitrary operating system (OS) commands. The flaw, assigned the CVE identifier CVE-2024-9441, carries a CVSS score of 9.8 out of a maximum of 10.0, according to VulnCheck. "A vulnerability in the Nortek Linear eMerge E3 allows remote

最新版本

目前，尚不确定 Mallox Linux 1.0 变体是由单个附属机构、多个附属机构还是所有 Mallox 勒索软件运营商与 Linux 变体一起使用。

我们将在留言中抽取3位幸运者，每位中奖者将会获得由GEEKCON组委会提供的免费门票1张。