Aggregator

A vulnerability classified as problematic was found in Symantec Web Gateway up to 5.2.1. This vulnerability affects unknown code of the component Report Handler. The manipulation leads to cross site scripting (Reflected). This vulnerability was named CVE-2014-1652. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Wingate 5.0.5/5.2.3/6.0 Beta 2. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper privilege management. This vulnerability is known as CVE-2004-0578. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in newsPHP. It has been classified as problematic. This affects an unknown part of the file index.php. The manipulation of the argument cat_id leads to cross site scripting. This vulnerability is uniquely identified as CVE-2004-2688. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in phpXplorer 0.9.33. It has been classified as problematic. Affected is an unknown function of the file workspaces.php. The manipulation of the argument sShare leads to path traversal. This vulnerability is traded as CVE-2006-0244. It is possible to launch the attack remotely. There is no exploit available. The real existence of this vulnerability is still doubted at the moment.

A vulnerability was found in SonicWall and classified as critical. This issue affects some unknown processing of the component Content Filtering. The manipulation leads to improper privilege management. The identification of this vulnerability is CVE-2002-2181. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Finjan Surfingate 6.0/6.0.1. Affected by this issue is some unknown functionality of the component Access Restriction. The manipulation leads to improper privilege management. This vulnerability is handled as CVE-2002-1962. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Symantec Norton Antispam 2004. It has been rated as critical. Affected by this issue is the function LaunchCustomRuleWizard in the library symspam.dll. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2004-0363. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as critical was found in Ipswitch Whatsup Gold up to 8.2. This vulnerability affects unknown code of the file maincfgret.cgi. The manipulation of the argument instancename leads to memory corruption. This vulnerability was named CVE-2004-0798. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

HackerNews 编译，转载请注明出处： 德克萨斯州阿比林市表示，其正在努力恢复因遏制网络攻击而离线的系统。 此次攻击始于4月18日，当时该市内部网络部分系统报告无响应，随即启动事件响应预案。该市官员周一宣布，为保护网络，阿比林市已断开关键资产与受攻击影响系统的连接。 “我们已启动调查并聘请行业领先的网络安全专家确定事件性质与范围，同时通报相关部门。”官员称。阿比林市官员表示，其IT部门周末持续工作以恢复服务并减少对运营的影响，所有系统均处于异常活动监控中。 该市声明：“紧急服务仍保持正常运行并可及时提供协助，未检测到异常财务活动。水务用户仍可通过市政服务账单支付系统缴纳费用。”同时指出，系统恢复期间在线服务可能出现延迟，逾期账户不会被切断服务，现场与在线支付渠道均保持畅通。 “当前处于调查初期阶段。任何经历过网络事件的人员都清楚这是耗时过程。每周我们将进一步掌握事件范围，并随着调查进展通报细节。”该市呼吁公众保持耐心与理解。 现有信息表明阿比林市可能遭受勒索软件攻击，但截至发稿尚无勒索组织宣称负责。以大量儿童文学角色雕塑闻名并拥有三所基督教大学的阿比林市，人口约13万。   消息来源：securityweek； 本文由 HackerNews.cc 翻译整理，封面来源于网络；  转载请注明“转自 HackerNews.cc”并附上原文

物联网流量分析

A vulnerability was found in Wonder CMS up to 3.4.2. It has been classified as problematic. Affected is an unknown function of the component installModule. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2023-41425. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

HackerNews 编译，转载请注明出处： Active! Mail 零日远程代码执行漏洞正被积极利用，攻击日本的大型组织。 Active! Mail 是一款基于 Web 的电子邮件客户端，最初由 TransWARE 开发，后被 Qualitia 收购，这两家公司均为日本公司。 虽然 Active! 不像 Gmail 或 Outlook 那样在全球范围内广泛使用，但它经常被用作大型企业、大学、政府机构和银行等日语环境中的群件组件。据 Active! 供应商称，该公司已在超过 2,250 家组织中使用，拥有超过 11,000,000 个帐户，使其成为日本商业 Web 邮件市场的重要参与者。 上周晚些时候，Qualitia 发布了一份安全公告，报告了一个基于堆栈的缓冲区溢出漏洞，漏洞编号为 CVE-2025-42599（CVSS v3 评分：9.8，“严重”），该漏洞影响所有受支持操作系统平台上 Active! 的所有版本（包括“BuildInfo: 6.60.05008561”）。 公告称：“如果远程第三方发送恶意构建的请求，则可能存在任意代码执行或触发拒绝服务 (DoS) 的情况。” 尽管 Qualitia 表示正在调查该漏洞是否已被利用，但日本计算机紧急响应小组 (CERT) 已确认该漏洞正处于活跃利用状态，并敦促所有用户尽快更新至 Active! Mail 6 BuildInfo: 6.60.06008562。 日本网络托管和 IT 服务 (SMB) 提供商 Kagoya Japan 上周末报告了数起外部攻击，导致其暂停服务。 “我们怀疑此问题与 QUALITIA（开发商）披露的一个漏洞有关，” Kagoya 此前发布的公告中写道。 网络托管和 IT 服务提供商 WADAX 也报告了类似的服务中断，据称是由于有人试图利用该漏洞。 “目前，我们还无法保证客户能够安全使用该服务，” WADAX 宣布。 “因此，出于客户安全的首要考虑，我们已暂时停止 Active! 邮件服务，以防万一。” Macnica 安全研究员 Yutaka Sejiyama 告诉 BleepingComputer，至少有 227 台暴露在互联网上的 Active! 服务器可能面临此类攻击，其中 63 台服务器用于大学。 日本计算机应急响应小组 (CERT) 为无法立即安全更新应用的用户提出了具体的缓解措施，包括配置 Web 应用程序防火墙 (WAF) 以启用 HTTP 请求正文检查，并在 multipart/form-data 标头的大小超过一定阈值时进行阻止。     消息来源：Bleeping Computer； 本文由 HackerNews.cc 翻译整理，封面来源于网络；  转载请注明“转自 HackerNews.cc”并附上原文    

今天我们要谈一家新的AI编码（也叫Vibe Coding，氛围编程）公司Windsurf。这家公司最近很受关注，因为据说OpenAI想花30亿美金收购它。如果此事成真，就会是OpenAI成立以来最大的一笔投资。

这也说明，AI编码已经是现在最热的模型应用赛道，主要初创玩家有Cursor、V0、Replit、Bolt、Lovable等，还有老牌的GitHub Copilot，相当拥挤。之前，我们发过Cursor创始人Aman Sanger的创业故事，讲团队如何从零做到一亿美金，还发过Replit创始人Amjad Masad的愿景，说让世界拥有十亿开发者比AGI重要。今天我们继续这个系列，主角就是Windsurf创始人兼CEO Varun Mohan，核心内容来自他接受知名油管频道Lenny's Podcast的访谈。

原文链接：https://mp.weixin.qq.com/s/rFzSFLlaCd61EHeMORPu3Q

A vulnerability classified as critical was found in Finjan Surfingate 6.0/6.0.1. Affected by this vulnerability is an unknown functionality of the component FQDN Handler. The manipulation with the input . leads to improper privilege management. This vulnerability is known as CVE-2002-1961. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in SWS Simple Web Server up to 0.1.0. Affected is an unknown function of the component HTTP Request Handler. The manipulation leads to path traversal. This vulnerability is traded as CVE-2002-1864. It is possible to launch the attack remotely. There is no exploit available.

Senior Advisers Behind 'Secure by Design' Step Down From CISA Amid Workforce Cuts
A wave of senior cybersecurity advisors is leaving the U.S. cyber defense agency amid government downsizing, raising concerns about broader national cyber defense capacities as White House plans to cut the size of the federal workforce deepens instability across critical agencies.

Ransom Threats to Be Reported Under New Australian Legislation
Australian organizations have 40 days to prepare for a new law requiring mandatory reporting of ransomware payments to authorities. The law covers about 6.5% of registered businesses which, starting May 30, must report ransomware payments within 72 hours to the Australian Signals Directorate.

Hackers Targeted Critical Infrastructure for Sabotage, Data Theft
Russian and Chinese hackers targeted critical infrastructure in the Netherlands for strategic gains amid escalating tensions with Western governments, the Dutch intelligence agency said. The Netherlands witnessed a number of "cyberespionage attempts against the Dutch government."

Senior Advisers Behind 'Secure by Design' Step Down From CISA Amid Workforce Cuts
A wave of senior cybersecurity advisors is leaving the U.S. cyber defense agency amid government downsizing, raising concerns about broader national cyber defense capacities as White House plans to cut the size of the federal workforce deepens instability across critical agencies.

Ransom Threats to Be Reported Under New Australian Legislation
Australian organizations have 40 days to prepare for a new law requiring mandatory reporting of ransomware payments to authorities. The law covers about 6.5% of registered businesses which, starting May 30, must report ransomware payments within 72 hours to the Australian Signals Directorate.