Aggregator

GENESIS

Dark Feed IO

2 months ago

You must login to view this content

cohenido

CVE-2021-47853 | phpPgAdmin 7.13.0 os command injection (Exploit 49736 / EUVD-2026-3636)

Vuldb Updates

2 months ago

This issue looks like a false-positive. Please review the listed sources and think about not using this entry.

vuldb.com

CVE-2021-47912 | PHPSUGAR PHP Melody 3.0 Import cross site scripting (EUVD-2021-34759)

Vuldb Updates

2 months ago

A vulnerability, which was classified as problematic, was found in PHPSUGAR PHP Melody 3.0. The affected element is an unknown function of the component Import Handler. Such manipulation leads to cross site scripting. This vulnerability is documented as CVE-2021-47912. The attack can be executed remotely. There is not any exploit available.

vuldb.com

CVE-2021-47916 | Simplephpscripts Simple CMS 2.1 Users admin.php sql injection (EUVD-2021-34755)

Vuldb Updates

2 months ago

This issue was flagged as a false-positive. Please consult the sources mentioned and consider not using this entry at all.

vuldb.com

RapidDNS Pro:高级搜索语法指南

RapidDNS

2 months ago

大家好，我是男人老白。RapidDNS考虑到更加灵活，更加强大，特提供高级搜索语法，方便快速定位信息以及灵活应对各种不同场景。

[科普贴]AI Agent们是怎么在Moltbook上互动的？

表图

2 months ago

Moltbook 是一个只允许 AI Agent 通过 API 互动的论坛，看似热闹的内容背后，其实由 Skills 与 Heartbeat 机制严格驱动。本文拆解 AI Agent 如何被规则“按时上线、按需发帖”，以及这些机制如何同时制造活跃度与信息噪声。

AI 代理社交平台 Moltbook 曝严重漏洞；雷军：新 SU7 量产，春节到店；宇树机器人挑战极寒天自主行走｜极客早知道

极客公园

2 months ago

OpenAI 已准备好在 ChatGPT 中推出广告：承诺不篡改回答且数据不外售；腾讯元宝派正式公测，发放 10 亿现金红包推广； Kimi 喊话百度：搜索「Kimi 官网」前 4 个都是广告

捆绑WPS安装程序银狐黑产最新攻击样本分析

安全分析与研究

2 months ago

捆绑WPS安装程序银狐最新攻击样本分析

在[1,n]中与n互质的数有k个，求k/n

青衣十三楼飞花堂

2 months ago

这也是五年级小学生来问我的题，不过咱们不春秋笔法，这个小学生是奔着打竞赛去的，勉强说得过去。

CVE-2026-1733 | Zhong Bang CRMEB up to 5.6.3 :uni detail/tidyOrder order_id improper authorization

Vuldb Updates

2 months ago

A vulnerability, which was classified as problematic, has been found in Zhong Bang CRMEB up to 5.6.3. This affects the function detail/tidyOrder of the file /api/store_integral/order/detail/:uni. The manipulation of the argument order_id leads to improper authorization. This vulnerability is documented as CVE-2026-1733. The attack can be initiated remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.

vuldb.com

OAuth User-Managed Access Protocol Overview

Security Boulevard

2 months ago

Deep dive into OAuth User-Managed Access (UMA) for CTOs. Learn how UMA 2.0 improves CIAM, delegated authorization, and enterprise SSO security.

The post OAuth User-Managed Access Protocol Overview appeared first on Security Boulevard.

SSOJet - Enterprise SSO & Identity Solutions

Web Single Sign-on with WS-Federation

Security Boulevard

2 months ago

Deep dive into Web Single Sign-on with WS-Federation. Learn how to implement secure federated identity, manage STS, and bridge legacy apps with modern CIAM.

The post Web Single Sign-on with WS-Federation appeared first on Security Boulevard.

SSOJet - Enterprise SSO & Identity Solutions

Anomalous Prompt Injection Detection in Quantum-Encrypted MCP Streams

Security Boulevard

2 months ago

Learn how to detect anomalous prompt injections in quantum-encrypted MCP streams using ai-driven behavioral analysis and post-quantum security frameworks.

The post Anomalous Prompt Injection Detection in Quantum-Encrypted MCP Streams appeared first on Security Boulevard.

Read the Gopher Security's Quantum Safety Blog

React Server Components Exploitation Consolidates as Two IPs Generate Majority of Attack Traffic

Grey Noise

2 months ago

Two months after CVE-2025-55182 was disclosed on December 3, 2025, exploitation activity targeting React Server Components has consolidated significantly.

The Noise in the Silence: Unmasking CISA's Hidden KEV Ransomware Updates

Grey Noise

2 months ago

In 2025, 59 KEV entries silently flipped to “known ransomware use.” GreyNoise uncovers the hidden flips, why they matter, and a new feed to track them.