Aggregator

A vulnerability was found in Asus RP-AC52 up to 1.0.1.1s and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation as part of Request leads to cross-site request forgery. This vulnerability is handled as CVE-2016-6557. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Asus RP-AC52 1.0.1.1s. It has been classified as critical. This affects the function system of the file apply.cgi of the component Web Interface. The manipulation as part of Parameter leads to command injection. This vulnerability is uniquely identified as CVE-2016-6558. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in ShoreTel Mobility Client App 9.1.3.109 on iOS/Android. It has been declared as critical. This vulnerability affects unknown code of the component SSL Certificate Validator. The manipulation leads to improper certificate validation. This vulnerability was named CVE-2016-6562. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in PHP FormMail Generator and classified as critical. This issue affects some unknown processing of the file /admin.php?mod=admin&func=panel. The manipulation leads to improper authentication. The identification of this vulnerability is CVE-2016-9482. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in PHP FormMail Generator. It has been classified as critical. Affected is the function phpfmg_filman_download. The manipulation leads to deserialization. This vulnerability is traded as CVE-2016-9483. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in PHP FormMail Generator. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to path traversal. This vulnerability is known as CVE-2016-9484. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as critical was found in EpubCheck 4.0.1. This vulnerability affects unknown code of the component XML Data Handler. The manipulation as part of EPUB File leads to xml external entity reference. This vulnerability was named CVE-2016-9487. An attack has to be approached locally. There is no exploit available.

A vulnerability has been found in CodeLathe FileCloud up to 13.0.0.32841 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2016-6578. The attack can be initiated remotely. There is no exploit available.

Наука наконец нашла объяснение загадочной находке Чанъэ-5.

时光飞逝，岁月如梭。又到了 2024 年底，今年你过得怎么样呢。一如往年，我们又给各位读者整理了各种数字服务与 App 的年度报告。今年的报告比前几年的丰富许多，新增了出行与轨迹方面的数据报告，一如既

A vulnerability was found in Remote Clinic 2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file register-patient.php. The manipulation of the argument Full Name leads to cross site scripting. This vulnerability is handled as CVE-2021-30030. The attack may be launched remotely. Furthermore, there is an exploit available.

Cybersecurity researchers are warning about a spike in malicious activity that involves roping vuln

Cybersecurity researchers are warning about a spike in malicious activity that involves roping vulnerable D-Link routers into two different botnets, a Mirai variant dubbed FICORA and a Kaiten (aka Tsunami) variant called CAPSAICIN. "These botnets are frequently spread through documented D-Link vulnerabilities that allow remote attackers to execute malicious commands via a GetDeviceSettings

天文学家发现了迄今最遥远的蝎虎 BL型类星体（blazar），位于红移约 7.0 的宇宙时期，相当于宇宙年龄不到 8 亿年。蝎虎BL型类星体是一类活跃星系核，其特征是中心的超大质量黑洞驱动

天文学家发现了迄今最遥远的蝎虎 BL型类星体（blazar），位于红移约 7.0 的宇宙时期，相当于宇宙年龄不到 8 亿年。蝎虎BL型类星体是一类活跃星系核，其特征是中心的超大质量黑洞驱动高速相对论性喷流，且喷流方向几乎直接对准地球。此次发现的天体 VLASS J041009.05−013919.88（J0410−0139）其核心包含一颗质量约为太阳 7 亿倍的超大质量黑洞。其电波辐射的变化、致密结构与 X 射线特征证实，它是一颗喷流几乎直接对准地球的蝎虎BL型类星体。J0410−0139 的发现暗示，在早期宇宙中可能存在更多类似的喷流源。这些喷流可能促进黑洞快速增长，并显著影响其宿主星系的演化。

作者：Reborn, Lisa@慢雾安全团队 原文链接：https://mp.weixin.qq.com/s/bPGbEdTCKaM9uJhaRXlO6A 背景 近期，X 上多位用户报告了一种伪装成 Zoom 会议链接的钓鱼攻击手法，其中一受害者在点击恶意 Zoom 会议链接后安装了恶意软件，导致加密资产被盗，损失规模达百万美元。在此背景下，慢雾安全团队对这类钓鱼事件和攻击手法展开分析，并追...

error code: 521

2024 Marked the Government's Increasing Role Mandating Cybersecurity
Australia announced a flurry of cybersecurity legislation and regulations in 2024, spotlighting the government's intent to fortify the nation's cybersecurity in the wake of the Medibank and Optus incidents. The government vowed to transform the country into the world's "most cyber-secure."

Federal 'Rip-and-Replace' Program Gets Funding Boost in Defense Bill
The 2025 National Defense Authorization Act includes $3 billion to fund an FCC program aimed at replacing Chinese-made telecommunications equipment across the country amid heightened threats from Beijing following the discovery of the Salt Typhoon cyberespionage campaign.