Qilin
You must login to view this content
Aggregator
一图读懂 | 公共安全行业标准 网络安全等级保护系列 GA/T 1390.6—2025 & GA/T 2348—2025
1 month 3 weeks ago
网络安全等级保护系列 GA/T 1390.6—2025 & GA/T 2348—2025。
2025年全球加密货币网络犯罪激增,黑客与勒索攻击事件持续高发
1 month 3 weeks ago
尽管非法交易总额大幅激增,但其在加密货币链上交易总量中的占比却略有下降,从2024年的1.3%微降至2025年的1.2%。
Qilin
1 month 3 weeks ago
You must login to view this content
cohenido
Zen-AI-Pentest: Open-source AI-powered penetration testing framework
1 month 3 weeks ago
Zen-AI-Pentest provides an open-source framework for scanning and exercising systems using a combination of autonomous agents and standard security utilities. The project aims to let users run an orchestrated sequence of reconnaissance, vulnerability scanning, exploitation, and reporting using AI guidance and industry tools like Nmap and Metasploit. It is written to support command line, API, and web interfaces. Multi-agent structure and integrated tools Zen-AI-Pentest organizes its functionality around a set of agents that handle discrete … More →
The post Zen-AI-Pentest: Open-source AI-powered penetration testing framework appeared first on Help Net Security.
Anamarija Pogorelec
ZDI-CAN-28911: GStreamer
1 month 3 weeks ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-02-11, 23 days ago. The vendor is given until 2026-06-11 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
ZDI-CAN-28845: GStreamer
1 month 3 weeks ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-02-11, 23 days ago. The vendor is given until 2026-06-11 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
ZDI-CAN-28463: NI
1 month 3 weeks ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2026-02-11, 48 days ago. The vendor is given until 2026-06-11 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
ZDI-CAN-28838: GStreamer
1 month 3 weeks ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-02-11, 23 days ago. The vendor is given until 2026-06-11 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
ZDI-CAN-28840: GStreamer
1 month 3 weeks ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-02-11, 23 days ago. The vendor is given until 2026-06-11 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
ZDI-CAN-28854: GStreamer
1 month 3 weeks ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-02-11, 23 days ago. The vendor is given until 2026-06-11 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
ZDI-CAN-28839: GStreamer
1 month 3 weeks ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-02-11, 23 days ago. The vendor is given until 2026-06-11 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
ZDI-CAN-28843: GStreamer
1 month 3 weeks ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-02-11, 23 days ago. The vendor is given until 2026-06-11 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
ZDI-CAN-28910: GStreamer
1 month 3 weeks ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-02-11, 23 days ago. The vendor is given until 2026-06-11 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
ZDI-CAN-28851: GStreamer
1 month 3 weeks ago
A CVSS score 8.8 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-02-11, 23 days ago. The vendor is given until 2026-06-11 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
倭黑猩猩能靠想象玩游戏
1 month 3 weeks ago
根据发表在《科学》期刊上的一项研究,倭黑猩猩具备靠想象力玩游戏的能力,此前想象力被认为是人类独有。在受控实验中,名叫 Kanzi 的倭黑猩猩持续与虚构的“果汁杯”和“装有葡萄的碗”互动。研究人员通过三次测试观察其行为:首次测试中,Kanzi能准确识别被倒入“假想果汁”的杯子;第二次测试中,面对真果汁与假想果汁,它始终选择真实饮品;第三次测试中,它再次成功定位假想中的“葡萄”。这表明 Kanzi 能理解假想物体的存在,同时区分其与实物的差异。总体来看,Kanzi 的表现并非完美无缺,但整体稳定可靠。研究人员认为,若想象力并非人类独有,将促使人类重新审视自身的独特性及其他生物的内心世界。
GitLab Patches Multiple Vulnerabilities That Enables DoS and Cross-site Scripting Attacks
1 month 3 weeks ago
A critical security update has been released for both the Community Edition (CE) and Enterprise Edition (EE) to address multiple high-severity vulnerabilities. The patches, available in versions 18.8.4, 18.7.4, and 18.6.6, fix flaws that could allow attackers to crash servers, steal data, or hijack user sessions. Security experts urge administrators of self-managed instances to upgrade […]
The post GitLab Patches Multiple Vulnerabilities That Enables DoS and Cross-site Scripting Attacks appeared first on Cyber Security News.
Abinaya
CVE-2026-24673 | Openeclass Open eClass up to 4.1 Decompression unrestricted upload
1 month 3 weeks ago
A vulnerability identified as critical has been detected in Openeclass Open eClass up to 4.1. This impacts an unknown function of the component Decompression Handler. The manipulation leads to unrestricted upload.
This vulnerability is referenced as CVE-2026-24673. Remote exploitation of the attack is possible. No exploit is available.
You should upgrade the affected component.
vuldb.com
CVE-2026-24674 | Openeclass Open eClass up to 4.1 cross site scripting
1 month 3 weeks ago
A vulnerability, which was classified as problematic, has been found in Openeclass Open eClass up to 4.1. This issue affects some unknown processing. The manipulation leads to cross site scripting.
This vulnerability is documented as CVE-2026-24674. The attack can be initiated remotely. There is not any exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2026-24665 | openeclass Open eClass up to 4.1 cross site scripting
1 month 3 weeks ago
A vulnerability was found in openeclass Open eClass up to 4.1 and classified as problematic. The impacted element is an unknown function. Such manipulation leads to cross site scripting.
This vulnerability is traded as CVE-2026-24665. The attack may be launched remotely. There is no exploit available.
It is suggested to upgrade the affected component.
vuldb.com