Aggregator

A vulnerability was found in IBM WebSphere Application Server 6.0.x. It has been classified as problematic. This affects an unknown part of the component HTTP Response Handler. The manipulation leads to basic cross site scripting. This vulnerability is uniquely identified as CVE-2007-1608. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Squid Proxy up to 2.6.STABLE11. It has been rated as problematic. This issue affects some unknown processing of the component TRACE Request Handler. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2007-1560. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in EMC Centera Universal Access 4.0 4735 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Login. The manipulation leads to sql injection. This vulnerability is known as CVE-2008-3370. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Symantec Workspace Virtualization 6.4.1895.0. It has been classified as critical. Affected is the function NtQueryValueKey of the file fslx.sys. The manipulation of the argument ResultLength leads to memory corruption. This vulnerability is traded as CVE-2013-4679. Local access is required to approach this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

DeepSeek-R1 凭借其优秀的深度推理能力，一经推出便在 AI 市场掀起热潮。

A vulnerability, which was classified as critical, has been found in Fastball 2.5 on Joomla. This issue affects some unknown processing. The manipulation as part of Parameter leads to sql injection. The identification of this vulnerability is CVE-2018-6373. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Elxis CMS 2008.1. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument PHPSESSID leads to improper authentication. The identification of this vulnerability is CVE-2008-4649. The attack may be initiated remotely. Furthermore, there is an exploit available.

“熟人”骗局？“银狐”威胁体发起的钓鱼攻击活动

A vulnerability has been found in PHPGurukul BP Monitoring Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /registration.php. The manipulation of the argument emailid leads to sql injection. This vulnerability was named CVE-2025-5856. The attack can be initiated remotely. Furthermore, there is an exploit available.

Overview Recently, NSFOCUS CERT has detected that DataEase has issued a security bulletin to fix multiple high-risk vulnerabilities in DataEase (CVE-2025-49001/CVE-2025-49002/CVE-2025-48999). Combined use can achieve unauthorized code execution. At present, the vulnerability details and PoC have been made public. Relevant users are requested to take measures to protect them as soon as possible. CVE-2025-49001: Due […]

The post Multiple High-Risk Vulnerabilities in DataEase (CVE-2025-49001/CVE-2025-49002/CVE-2025-48999) appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post Multiple High-Risk Vulnerabilities in DataEase (CVE-2025-49001/CVE-2025-49002/CVE-2025-48999) appeared first on Security Boulevard.

A vulnerability, which was classified as critical, was found in Tenda AC6 15.03.05.16. This affects the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument rebootTime leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-5855. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in GigCalendar Com Gigcalendar 1.0. It has been declared as critical. This vulnerability affects unknown code of the file index.php. The manipulation of the argument gigcal_bands_id leads to sql injection. This vulnerability was named CVE-2009-0730. The attack can be initiated remotely. Furthermore, there is an exploit available.

HackerNews 编译，转载请注明出处： Qilin勒索组织近期利用两个Fortinet漏洞发起攻击，该漏洞允许攻击者在未认证状态下远程执行恶意代码。该组织（又名Phantom Mantis）自2022年8月以“Agenda”为名运营勒索软件即服务(RaaS)，其暗网泄露站点已披露超310名受害者，包括汽车巨头Yangfeng、出版集团Lee Enterprises、澳大利亚法院服务署Victoria及病理服务商Synnovis。其中Synnovis遭攻击导致伦敦多家NHS医院被迫取消数百例诊疗安排。 威胁情报公司PRODAFT发现，Qilin近期通过部分自动化攻击模式瞄准多个Fortinet漏洞，主要针对西班牙语国家机构，但预计攻击范围将扩大至全球。“Phantom Mantis在2025年5月至6月发起协同入侵，中高度置信证据表明其通过CVE-2024-21762、CVE-2024-55591等FortiGate漏洞实现初始访问”，PRODAFT在向BleepingComputer提供的内部警报中表示。尽管当前攻击呈现地域倾向，但目标选择仍具随机性。 本次攻击利用的两大漏洞中： CVE-2024-55591：早在2024年11月已被其他威胁组织作为零日漏洞利用，Mora_001勒索运营商曾借此部署与LockBit犯罪团伙关联的SuperBlack勒索软件 CVE-2024-21762：Fortinet于今年2月发布补丁，美国网络安全局(CISA)将其列入高危漏洞目录并勒令联邦机构在2月16日前加固设备。后续扫描显示仍有近15万台设备未修复 Fortinet漏洞常被用于网络间谍活动及勒索攻击。例如今年2月披露的黑客组织Volt Typhoon曾利用FortiOS SSL VPN漏洞（CVE-2022-42475及CVE-2023-27997）部署定制远控木马Coathanger——该恶意软件此前曾渗透荷兰国防部军事网络。       消息来源：  bleepingcomputer； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability was found in Elxis CMS 2008.1. It has been declared as problematic. This vulnerability affects unknown code of the file index.php of the component modules/mod_language.php. The manipulation leads to cross site scripting. This vulnerability was named CVE-2008-4648. The attack can be initiated remotely. Furthermore, there is an exploit available.

A new proof-of-concept (PoC) exploit for a critical zero-day vulnerability affecting multiple Fortinet products raises urgent concerns about the security of enterprise network infrastructure. The vulnerability, tracked as CVE-2025-32756, carries a maximum CVSS score of 9.8 and enables unauthenticated remote code execution through a stack-based buffer overflow flaw. The vulnerability exists in the processing of […]

The post PoC Exploit Released for Fortinet 0-Day Vulnerability that Allows Remote Code Execution appeared first on Cyber Security News.

HackerNews 编译，转载请注明出处： 美国税务解决方案公司Optima Tax Relief遭遇Chaos勒索软件攻击，攻击者现已泄露窃取的公司数据。作为知名税务服务机构，该公司专为个人及企业解决联邦与州税问题，自称全美领先税务解决商，累计为客户处理超30亿美元税务债务。 近日，Chaos勒索团伙将Optima Tax Relief列入其数据泄露网站，宣称窃取69GB数据。泄露内容包含公司内部数据与客户案件档案，其中税单通常载有社会安全号码、电话号码、家庭住址等敏感信息，可能被其他威胁组织用于恶意活动或身份盗窃。 知情人士向BleepingComputer透露，此次攻击采用双重勒索模式：攻击者不仅窃取数据，同时加密了公司服务器。Chaos是2025年3月新出现的勒索组织，其数据泄露网站首批公布了五名受害者。需注意该团伙不同于2021年出现的Chaos勒索软件生成器——后者常被用于网络钓鱼和恶意软件活动。 该团伙上周还宣称攻陷慈善组织救世军，但未获对方回应。BleepingComputer已就事件细节联系Optima Tax Relief，尚未获得回复。       消息来源：  bleepingcomputer； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

HackerNews 编译，转载请注明出处： 特朗普政府于6月6日发布升级版网络安全行政令，包含近十二项指令以强化国家安全，涵盖人工智能应用、后量子密码技术、物联网设备认证及应对国家级别网络威胁等领域。该行政令是对奥巴马政府2015年签署的13694号行政令及特朗普今年1月25日签署的《促进国家网络安全创新》14144号行政令的补充。 特朗普在行政令序言中强调：“我下令采取新行动提升国家网络安全防御能力，重点包括：保护数字基础设施、确保关键数字服务安全、增强应对核心威胁的能力”。 核心指令要点： 人工智能整合 要求2025年11月1日前将AI技术整合至联邦网络用于漏洞管理，并在8月1日前推进安全软件开发。身份安全企业CyberArk创新高级副总裁凯文·博切克指出：“全球AI竞争加速催生了新型攻击面，AI防御技术能快速识别漏洞、扩大威胁检测规模并实现自动化防护”。该指令同时要求11月前向学术研究界开放网络安全研究数据集。 后量子密码技术 针对量子计算机未来可能破解现有公钥密码体系的威胁，行政令要求联邦政府过渡至抗量子破解的加密算法，并在2025年12月前建立支持后量子密码(PQC)的产品动态清单。博切克特别警示“机器身份泛滥”风险：“当前企业机器身份数量已达人类身份的82倍，但68%机构缺乏AI身份管控能力”。 物联网与系统加固 指令要求2027年1月起所有联邦采购的物联网设备必须携带“美国网络信任标记”认证标签；美国国家标准与技术研究院(NIST)需在2025年9月更新安全补丁部署指南；联邦预算管理局(OMB)则获三年期限制定政府IT系统现代化改造及风险应对框架。       消息来源：  cybernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability has been found in Ek Rishta 2/9 on Joomla and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument gender/age1/age2/religion/mothertounge/caste/country as part of Parameter leads to sql injection. This vulnerability is known as CVE-2018-7315. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in Tenda AC6 15.03.05.16. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg. The manipulation of the argument remoteIp leads to stack-based buffer overflow. This vulnerability is known as CVE-2025-5853. The attack can be launched remotely. Furthermore, there is an exploit available.