Aggregator

Alleged database leak of METEOR

检测语录小记 by swim

更多最新文章，请访问SecWiki

Google 旗下视频平台 YouTube 去年营收估计为 542 亿美元，是仅次于迪士尼的第二大媒体公司，它被誉为所有媒体的新王者。根据尼尔森的数据，3 月 YouTube 占据了美国电视观看的 12%，超过了 Netflix 等竞争流媒体平台。YouTube 表示越来越多的用户通过电视而不是智能手机或电脑观看其内容，用户平均每天在电视上观看 YouTube 内容的时长超过 10 亿小时。YouTube 的广告收入分享也让很多主播致富。制作化妆教程的 Patrick Starrr 称在 25 岁赚到了人生的第一个百万美元，他辞去了佛罗里达的工作搬到了洛杉矶。Dhar Mann 曾经营一家销售大麻种植用品的公司，如今他的 Dhar Mann Studios 有大约 200 名员工，每年与 2000 名演员合作，制作适合家庭观看的节目，他的公司去年收入估计为 4500 万美元，大部分来自 YouTube。MrBeast 频道的控股公司 Beast Industries 有 400 多名员工，去年营收 4.73 亿美元，过去 28 天 MrBeast 频道内容观看量达到 36 亿次。

Currently trending CVE - Hype Score: 31

A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/manage-art-medium.php. The manipulation of the argument artmed leads to sql injection. This vulnerability is known as CVE-2025-4014. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/aboutus.php. The manipulation of the argument pagetitle leads to sql injection. This vulnerability is traded as CVE-2025-4013. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Submit #558350 / VDB-306367

Submit #558348 / VDB-306366

Authors/Presenters: Douglas McKee

Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organizations YouTube channel.

Permalink

The post BSidesLV24 – Ground Truth – Seek Out New Protocols, And Boldly Go Where No One Has Gone Before appeared first on Security Boulevard.

Discover how SecOps is evolving from reactive alert handling to proactive, identity-driven security operations, and how Grip helps teams stay ahead of threats.

The post Grip Security Defines the Identity-Driven Future of SecOps appeared first on Security Boulevard.

加州超越日本成为世界第四大经济体，仅次于美国、中国和德国。加州在 2024 年的经济增长率达到了 6%，超过了美中德。加州的面积约 42 万平方公里，人口为 3,918 万，是美国主要的农业产区，也是制造业产出中心，有逾 3.6 万家制造企业，雇佣了逾 110 万加州居民。数据显示，2024 年加州 GDP 占美国 GDP 的 14%，向联邦政府提供的资金比获得的资金多 830 亿美元。

A vulnerability classified as problematic has been found in baseweb JSite up to 1.0. Affected is an unknown function of the file /sys/office/save. The manipulation of the argument Remarks leads to cross site scripting. This vulnerability is traded as CVE-2025-3970. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in PHPGurukul COVID19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-phlebotomist.php. The manipulation of the argument empid leads to sql injection. This vulnerability is known as CVE-2025-3971. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in PHPGurukul COVID19 Testing Management System 1.0. Affected by this issue is some unknown functionality of the file /bwdates-report-result.php. The manipulation of the argument todate leads to sql injection. This vulnerability is handled as CVE-2025-3972. The attack may be launched remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.