Aggregator

A vulnerability classified as critical was found in Jgaa WarFTPd 1.66. This vulnerability affects unknown code of the component USER/PASS Command. The manipulation leads to memory corruption. This vulnerability was named CVE-1999-0256. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in D-Link DAP-1620 1.03 and classified as critical. This issue affects the function check_dws_cookie of the file /storage. The manipulation of the argument uid leads to stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. The identification of this vulnerability is CVE-2025-2621. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.

The U.S. Treasury is lifting sanctions on Tornado Cash, a crypto mixer accused of helping North Korea’s Lazarus Group launder illicit funds. The U.S. Treasury Department removed sanctions against the cryptocurrency mixer service Tornado Cash. In August 2022, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned the crypto mixer service Tornado Cash used by […]

Name: ZeroDays CTF 2025 (an ZeroDays CTF event.)
Date: March 22, 2025, 9:30 a.m. — 22 March 2025, 17:00 UTC  [add to calendar]
Format: Jeopardy
On-site
Location: Dublin, Ireland
Offical URL: http://www.zerodays.ie/
Rating weight: 25.00
Event organizers: Ireland without the RE

#XSS #Firewall-RCE #BOF #ROP #PLT

Открытый код и pkcs#7-подписи сделают ядро безопаснее.

Alleged Leak of 160K U.S. Reshipping Site User Records

datacon 2024年漏洞分析赛道冠军战解题框架 by ourren

微调deepseek让它变成网安的业务模型 by ourren

ez-ai-agent: Automated Penetration Testing with EZ and Agents by ourren

Fake CAPTCHA攻击链样本分析 by ourren

代码大模型选型及微调方法对比 by ourren

实网中多选项卡网站指纹攻击 by ourren

更多最新文章，请访问SecWiki

Alleged Data Breach of Empik.com Exposes 24.7 Million User Records