Aggregator

近期，火绒安全情报中心监测到一款伪装成Clash（代理工具）的程序正在网络上传播。经溯源分析，这款恶意软件是由易语言编写的木马，其开发者还提供私人定制易语言服务，为他人的黑灰产活动提供支持。目前，火绒安全产品可对上述病毒进行拦截查杀。

A vulnerability, which was classified as critical, has been found in Apple visionOS. Affected by this issue is some unknown functionality. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2025-24179. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Apple tvOS. This affects an unknown part. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2025-24179. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Apple macOS and classified as critical. This vulnerability affects unknown code. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2025-24179. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple iOS and iPadOS and classified as critical. This issue affects some unknown processing. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2025-24179. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple tvOS. It has been classified as critical. Affected is an unknown function. The manipulation leads to improper authentication. This vulnerability is traded as CVE-2025-24206. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple iOS and iPadOS. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper authentication. This vulnerability is known as CVE-2025-24206. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

Случайный скрипт на больничном терминале стоил карьеры и свободы.

漏洞已修复

如果组织机构仅关注将攻击者挤出去，则将失败。

漏洞已修复

如果组织机构仅关注将攻击者挤出去，则将失败。

Так что же стало причиной массового отключения электричества?

A vulnerability classified as critical was found in Microsoft Internet Explorer 10/11. Affected by this vulnerability is an unknown functionality of the component DLL Loader. The manipulation leads to untrusted search path. This vulnerability is known as CVE-2016-0041. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

VeriSource breach exposed data of 4M people in Feb 2024; stolen info includes personal details from an employee benefits services provider. VeriSource is alerting 4 million people after a February 2024 breach that exposed personal information. The data was stolen on February 27, 2024, and the incident was discovered on February 28, 2024. The company […]

Google has revealed that it observed 75 zero-day vulnerabilities exploited in the wild in 2024, down from 98 in 2023 but an increase from 63 the year before. Of the 75 zero-days, 44% of them targeted enterprise products. As many as 20 flaws were identified in security software and appliances. "Zero-day exploitation of browsers and mobile devices fell drastically, decreasing by about a third for

Увольнение сотрудника превратилось в хакерскую вендетту.

研究人员发现了关键证据，证明物质使用障碍（SUDs）通过不同的分子机制加速大脑的生物学老化。这项研究考察了不同物质，如酒精、阿片类药物和兴奋剂，如何在分子水平上影响大脑的老化过程，可能解释了为什么SUDs患者常常经历早发性年龄相关疾病。研究的最重要发现之一是，不同物质似乎通过不同的生物学通路加速大脑老化。在酒精使用障碍中，研究人员发现参与蛋白质磷酸化、信号转导和谷氨酸能突触功能的基因表达发生改变。对于阿片类药物使用障碍，转录调控、神经发育和免疫炎症过程成为加速老化的关键驱动因素。兴奋剂使用障碍则显示出与氧化应激、低氧反应和细胞粘附通路相关的独特模式。尽管物质之间存在差异，但研究发现了所有SUDs中的一些共同生物学机制。神经炎症、氧化应激和线粒体功能障碍似乎在加速老化中扮演着至关重要的角色，不管使用的是哪种特定物质。

A vulnerability was found in Trend Micro Apex One. It has been rated as problematic. This issue affects some unknown processing of the component Security Agent. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2022-44648. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.