Aggregator

智能体驱动，360助力深圳打造数字政府新标杆

强势围观！

Submit #637911 / VDB-321880

A vulnerability was found in Oberon PSA Crypto up to 1.5.0 and classified as problematic. The impacted element is an unknown function. Such manipulation leads to observable timing discrepancy. This vulnerability is listed as CVE-2025-7383. The attack must be carried out locally. There is no available exploit. It is suggested to upgrade the affected component.

关注高级攻防对抗技术热点，研究对手技术进行高级威胁模拟，研判攻击安全发展方向。

До 10 сентября фонд должен передать данные о нарушителях.

漏洞分析、脚本生成… 大语言模型如何助力网络安全？这门课告诉你答案！

黑客冒充IT人员，利用Teams窃取控制权

文末投递简历

本题共19支战队成功提交flag

In a concerning development for enterprise security, cybercriminals have begun exploiting Microsoft Teams—long trusted as an internal messaging and collaboration tool—to deliver PowerShell-based malware and gain unauthorized remote access to Windows systems. By impersonating IT support personnel and leveraging social engineering, these threat actors bypass traditional email filters and network defenses, striking directly at deep-seated […]

The post Microsoft Teams Abused in Cyberattack Delivering PowerShell-Based Remote Access Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability has been found in Oberon PSA Crypto up to 1.5.1 and classified as problematic. The affected element is an unknown function of the component RSA-OEAP Handler. This manipulation causes use of rsa algorithm without oaep. This vulnerability is tracked as CVE-2025-9071. The attack is possible to be carried out remotely. No exploit exists.

Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has released security updates to address an authentication bypass vulnerability in its software. The high-severity issue, which is yet to be assigned a CVE identifier, has been addressed in Passwordstate 9.9 (Build 9972), released August 28, 2025. The Australian company said it fixed a "

A vulnerability, which was classified as problematic, was found in Oberon ocrypto up to 3.9.1. Impacted is an unknown function. The manipulation results in observable timing discrepancy. This vulnerability is identified as CVE-2025-7071. The attack is only possible with local access. There is not any exploit available. You should upgrade the affected component.

网络世界的边界不断扩展，安全威胁的形态也日益复杂。从深藏于企业核心的内网纵深，到引领变革浪潮的AI大模型前沿，攻防的战场从未如此广阔且充满挑战。

双期同步，百万现金奖励等你来拿！

超多活动！超丰富礼品！一起庆祝7周年！

Submit #637885 / VDB-321790

The Sangoma FreePBX Security Team has issued an advisory warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with an administrator control panel (ACP) exposed to the public internet. FreePBX is an open-source private branch exchange (PBX) platform widely used by businesses, call centers, and service providers to manage voice communications. It's built on top