Играть в прятки с ИИ больше не получится. Anthropic изменила правила и будет смотреть, кто на самом деле платит
Компания запретила доступ к ИИ компаниям из авторитарных стран
Aggregator
Randall Munroe’s XKCD ‘Cesium’
3 months 1 week ago
via the comic artistry and dry wit of Randall Munroe, creator of XKCD
The post Randall Munroe’s XKCD ‘Cesium’ appeared first on Security Boulevard.
Marc Handelman
Windows Defender Vulnerability Allows Service Hijacking and Disablement via Symbolic Link Attack
3 months 1 week ago
A severe vulnerability in Windows Defender’s update process allows attackers with administrator privileges to disable the security service and manipulate its core files. The technique, which leverages a flaw in how Defender selects its execution folder, can be carried out using tools already available on the Windows operating system. The vulnerability was detailed by Zero […]
The post Windows Defender Vulnerability Allows Service Hijacking and Disablement via Symbolic Link Attack appeared first on Cyber Security News.
Guru Baran
Supreme Court blocks FTC commissioner Slaughter’s reinstatement
3 months 1 week ago
As some observers predicted, Democratic commissioners are racking up lower court victories, but the highest court in the country appears skeptical.
The post Supreme Court blocks FTC commissioner Slaughter’s reinstatement appeared first on CyberScoop.
djohnson
Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack
3 months 1 week ago
In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack. [...]
Sergiu Gatlan
npm Packages With 2 Billion Weekly Downloads Hacked in Major Attack
3 months 1 week ago
Aikido Security flagged the largest npm attack ever recorded, with 18 packages like chalk, debug, and ansi-styles hacked…
Waqas
Microsoft Edge security advisory (AV25-573)
3 months 1 week ago
Canadian Centre for Cyber Security
CVE-2020-5283 | ViewVC up to 1.1.27/1.2.0 CVS show_subdir_lastmod cross site scripting (Nessus ID 261354)
3 months 1 week ago
A vulnerability labeled as problematic has been found in ViewVC up to 1.1.27/1.2.0. This impacts an unknown function of the component CVS show_subdir_lastmod. Executing manipulation can lead to basic cross site scripting.
This vulnerability is tracked as CVE-2020-5283. The attack can be launched remotely. No exploit exists.
The affected component should be upgraded.
vuldb.com
CVE-2019-6970 | Moodle 3.5.0/3.5.1/3.5.2/3.5.3 server-side request forgery (Nessus ID 261353)
3 months 1 week ago
A vulnerability classified as critical was found in Moodle 3.5.0/3.5.1/3.5.2/3.5.3. Affected by this issue is some unknown functionality. Executing manipulation can lead to server-side request forgery.
The identification of this vulnerability is CVE-2019-6970. The attack may be launched remotely. There is no exploit available.
Upgrading the affected component is advised.
vuldb.com
CVE-2019-3572 | libming 0.4.8 util/dbl2png.c writePNG out-of-bounds (Issue 169 / Nessus ID 261356)
3 months 1 week ago
A vulnerability categorized as critical has been discovered in libming 0.4.8. The affected element is the function writePNG of the file util/dbl2png.c. The manipulation results in out-of-bounds read.
This vulnerability is known as CVE-2019-3572. It is possible to launch the attack remotely. No exploit is available.
vuldb.com
CVE-2021-21303 | Helm up to 3.5.1 Version injection (Nessus ID 261355)
3 months 1 week ago
A vulnerability was found in Helm up to 3.5.1. It has been classified as problematic. Affected by this issue is some unknown functionality. Performing manipulation of the argument Version results in injection.
This vulnerability is known as CVE-2021-21303. Remote exploitation of the attack is possible. No exploit is available.
Upgrading the affected component is recommended.
vuldb.com
CVE-2019-17109 | Koji up to 1.18.0 path traversal (FEDORA-2019-adf618865f / Nessus ID 261357)
3 months 1 week ago
A vulnerability classified as critical has been found in Koji up to 1.18.0. Impacted is an unknown function. Performing manipulation results in path traversal.
This vulnerability is reported as CVE-2019-17109. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com
Mydata
3 months 1 week ago
You must login to view this content
cohenido
Скрытая бомба в корпоративных хранилищах: Apache Jackrabbit выдаёт злоумышленникам полный контроль
3 months 1 week ago
Миллионы серверов оказались беззащитными перед новой угрозой.
Red Hat security advisory (AV25-572)
3 months 1 week ago
Canadian Centre for Cyber Security
Chinese Group Accused of Using Fake U.S. Rep. Email to Spy on Trade Talks
3 months 1 week ago
The Chinese state-sponsored group APT41 is accused of using a fake email impersonating a U.S. representative containing spyware and sent to government agencies, trade groups, and laws firms to gain information about U.S. strategy in trade talks with China.
The post Chinese Group Accused of Using Fake U.S. Rep. Email to Spy on Trade Talks appeared first on Security Boulevard.
Jeffrey Burt
CVE-2025-9323 | Foxit PDF Reader JP2 File Parser out-of-bounds
3 months 1 week ago
A vulnerability was found in Foxit PDF Reader and classified as critical. This affects an unknown function of the component JP2 File Parser. Executing manipulation can lead to out-of-bounds read.
This vulnerability is registered as CVE-2025-9323. It is possible to launch the attack remotely. No exploit is available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2025-9324 | Foxit PDF Reader PRC File Parser out-of-bounds
3 months 1 week ago
A vulnerability was found in Foxit PDF Reader. It has been declared as critical. Affected is an unknown function of the component PRC File Parser. The manipulation results in out-of-bounds read.
This vulnerability is reported as CVE-2025-9324. The attack can be launched remotely. No exploit exists.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-9325 | Foxit PDF Reader PRC File Parser out-of-bounds
3 months 1 week ago
A vulnerability was found in Foxit PDF Reader. It has been rated as critical. Affected by this vulnerability is an unknown functionality of the component PRC File Parser. This manipulation causes out-of-bounds read.
This vulnerability appears as CVE-2025-9325. The attack may be initiated remotely. There is no available exploit.
Upgrading the affected component is advised.
vuldb.com
CVE-2025-9327 | Foxit PDF Reader PRC File Parser out-of-bounds
3 months 1 week ago
A vulnerability categorized as critical has been discovered in Foxit PDF Reader. Affected by this issue is some unknown functionality of the component PRC File Parser. Such manipulation leads to out-of-bounds read.
This vulnerability is traded as CVE-2025-9327. The attack may be launched remotely. There is no exploit available.
It is advisable to upgrade the affected component.
vuldb.com