Aggregator

huoji 驱动漏洞,内核,windows 2024-08-18 7 次浏览 0 次点赞本文由 huoji 创作，采用 知识共享署名 3.0，可自由转载、引用，但需署名

IntroductionAttention: a new Kubernetes vulnerability was uncovered by André Storfjord Kristiansen

Introduction Attention: a new Kubernetes vulnerability was uncovered by André Storfjord Kristiansen (@dev-bio on GitHub) and it demands

The post CVE-2024-7646: Ingress-NGINX Annotation Validation Bypass – A Deep Dive appeared first on ARMO.

The post CVE-2024-7646: Ingress-NGINX Annotation Validation Bypass – A Deep Dive appeared first on Security Boulevard.

全面支撑电力监控系稳定运行

分享近期值得关注的IOC

The “Weekly Cyber Security News Letter – Data Breaches, Vulnerability, Cyber Attack & More” provides a comprehensive overview of the latest developments in the cybersecurity landscape. Each edition highlights significant data breaches, emerging vulnerabilities, and notable cyber attacks, offering insights into the evolving threats that organizations face. By staying informed through this newsletter, readers can […]

The post Cyber Security News Letter – Data Breaches, Vulnerability, Cyber Attack & Other Stories appeared first on Cyber Security News.

Ошибка разработчика Styx Stealer раскрывает обширную сеть киберпреступников.

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 7 | Security Affairs newsletter Round 485 by Pierlui

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Deciphering the Brain Cipher Ransomware   Ideal typosquat ‘solana-py’ steals your crypto wallet keys   Ransomware attackers introduce new EDR killer to their arsenal Beyond the wail: deconstructing the BANSHEE infostealer   A Deep Dive into a New ValleyRAT […]

A vulnerability, which was classified as critical, has been found in DouPHP 1.7 Release 20220822. Affected by this issue is some unknown functionality of the file /admin/system.php of the component Favicon Handler. The manipulation of the argument site_favicon leads to unrestricted upload. This vulnerability is handled as CVE-2024-7917. The attack may be launched remotely. Furthermore, there is an exploit available.

当前，智能CPS系统已成为智能汽车、智能机器人、智能制造等多个领域的研究热点。

Submit #389296 / VDB-275042

A vulnerability classified as problematic was found in nafisulbari/itsourcecode Insurance Management System 1.0. Affected by this vulnerability is an unknown functionality of the file addNominee.php of the component Add Nominee Page. The manipulation of the argument Nominee-Client ID leads to cross site scripting. This vulnerability is known as CVE-2024-7916. The attack can be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #388906 / VDB-199683

Submit #388905 / VDB-275041

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 7 | Security Affairs newsletter Round 485 by Pierlui

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Large-scale extortion campaign targets publicly accessible environment variable files (.env) OpenAI dismantled an Iranian influence operation targeting the […]

Правительство пытается спасти уникальные бумаги.