Aggregator

该漏洞可被用户执行恶意代码

6月14日我们杭州见！

看雪论坛作者ID：TubituX

The Mobile Threat Intelligence (MTI) team identified a formidable new player in the mobile malware landscape: Crocodilus, an Android banking Trojan designed for device takeover. Initially observed in test campaigns with limited live instances, this malware has rapidly evolved, demonstrating a surge in active campaigns and sophisticated development. A Rising Threat in the Android Ecosystem […]

The post New Crocodilus Malware Grants Full Control Over Android Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

涉姓名、邮箱、出生日期…

日本厚生劳动省公布的人口动态统计显示，2024 年新生儿数为 686,061 人，是开始统计的 1899 年以来首次跌破 70 万。相比 2023 年，减少了 41,227 人，减幅为 5.7%。每名女性一生所生孩子的推定人数“总和生育率”为 1.15，低于 2023 年的 1.20，创历史新低。东京都的生育率最低为 0.96。日本出生人数和出生率连续 9 年双双下滑。少子化速度比政府估算快了 15 年，未出现逆转的迹象。2024 年死亡数为迄今最多的 1,605,298人，死亡人数超过出生人数的人口“自然减少”为 919,237 人，创历史新高。连续 18 年呈现自然减少，人口减少也在加速。

Пока вы листали ленту, ваш телефон становился частью невидимой слежки за миллионами.

微软支持的 AI 创业公司 Builder.ai 最近申请破产，它的 AI 聊天机器人 Natasha 被发现其实是数百名印度员工伪装的。Builder.ai 从微软和 Qatar Investment Authority 等筹集到逾 4.45 亿美元资金，估值一度达到 15 亿美元，它的产品 Natasha 号称能用 AI 为客户生成软件，但实际上软件是由约 700 名印度员工根据客户要求在幕后手动编写的。Builder.ai 被发现虚报了 2024 年的收入，审计显示它的实际收入只有 5000 万美元，但它告诉投资者收入达到了 2.2 亿美元。

Пока жители платили налоги, хакеры унесли всю сеть с собой.

A vulnerability classified as critical was found in PHPGurukul Dairy Farm Shop Management System 1.3. This vulnerability affects unknown code of the file /add-product.php. The manipulation of the argument productname leads to sql injection. This vulnerability was named CVE-2025-5575. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in PHPGurukul Dairy Farm Shop Management System 1.3. This issue affects some unknown processing of the file /bwdate-report-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The identification of this vulnerability is CVE-2025-5576. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in PHPGurukul Dairy Farm Shop Management System 1.3. Affected is an unknown function of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. This vulnerability is traded as CVE-2025-5577. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability has been found in PHPGurukul Dairy Farm Shop Management System 1.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /sales-report-details.php. The manipulation of the argument fromdate/todate leads to sql injection. This vulnerability is known as CVE-2025-5578. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in PHPGurukul Dairy Farm Shop Management System 1.3 and classified as critical. Affected by this issue is some unknown functionality of the file /search-product.php. The manipulation of the argument productname leads to sql injection. This vulnerability is handled as CVE-2025-5579. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been classified as critical. This affects an unknown part of the file /login.php. The manipulation of the argument email leads to sql injection. This vulnerability is uniquely identified as CVE-2025-5580. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument User leads to sql injection. This vulnerability was named CVE-2025-5581. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument content leads to sql injection. The identification of this vulnerability is CVE-2025-5582. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Sunshine Photo Cart Plugin up to 3.4.11 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to weak password recovery. This vulnerability was named CVE-2025-5482. The attack can be initiated remotely. There is no exploit available.