Aggregator
苹果被曝新 Siri 再次延期,股价大跌4%;原荣耀 CEO 赵明官宣加入千里科技;Spotify 宣称其程序员不再写代码 | 极客早知道
2 days 15 hours ago
· 电池存在起火风险,奔驰宣布在美国召回超万辆 EQB 电动汽车
针对某银行演练红队攻击样本分析
2 days 16 hours ago
针对某银行演练红队攻击样本分析
从"付费打卡"到"打卡捐花":一个公益小实验的诞生
2 days 16 hours ago
如果你在用敲敲,更新到最新版本,面板顶部会出现小红花的入口。欢迎参与这个小实验,也欢迎告诉我们你的想法。
CVE-2025-13154
2 days 16 hours ago
Currently trending CVE - Hype Score: 6 - An improper link following vulnerability was reported in the SmartPerformanceAddin for Lenovo Vantage that could allow an authenticated local user to perform an arbitrary file deletion with elevated privileges.
CVE-2025-8088
2 days 16 hours ago
Currently trending CVE - Hype Score: 2 - A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček
...
DragonForce
2 days 16 hours ago
You must login to view this content
cohenido
DragonForce
2 days 16 hours ago
You must login to view this content
cohenido
Proofpoint acquires Acuvity to tackle the security risks of agentic AI
2 days 16 hours ago
Proofpoint is snapping up the startup to solve the industry’s newest headache: knowing what your autonomous AI is actually doing.
The post Proofpoint acquires Acuvity to tackle the security risks of agentic AI appeared first on CyberScoop.
Greg Otto
安全合规、智能高效,威努特助力智慧矿山安全建设
2 days 16 hours ago
护航矿山智能化高质量转型。
Daily Dose of Dark Web Informer - February 12th, 2026
2 days 16 hours ago
This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
Dark Web Informer
Apple discloses first actively exploited zero-day of 2026
2 days 17 hours ago
The vendor said the memory-corruption defect was exploited to target specific people, but it did not describe the objectives of the attack.
The post Apple discloses first actively exploited zero-day of 2026 appeared first on CyberScoop.
Matt Kapko
CVE-2026-1458 | GitLab Community Edition/Enterprise Edition up to 18.6.5/18.7.3/18.8.3 allocation of resources (Nessus ID 298790)
2 days 17 hours ago
A vulnerability, which was classified as problematic, was found in GitLab Community Edition and Enterprise Edition up to 18.6.5/18.7.3/18.8.3. Affected by this vulnerability is an unknown functionality. Executing a manipulation can lead to allocation of resources.
This vulnerability is handled as CVE-2026-1458. The attack can be executed remotely. There is not any exploit available.
You should upgrade the affected component.
vuldb.com
CVE-2025-12059 | Logo j-Platform up to 13112025 file information disclosure
2 days 17 hours ago
A vulnerability marked as problematic has been reported in Logo j-Platform up to 13112025. Affected is an unknown function. Performing a manipulation results in file and directory information exposure.
This vulnerability is identified as CVE-2025-12059. The attack can be initiated remotely. There is not any exploit available.
vuldb.com
CVE-2025-64075 | ZBT WE2001 23.09.27 Cookie check_token path traversal
2 days 17 hours ago
A vulnerability labeled as critical has been found in ZBT WE2001 23.09.27. This issue affects the function check_token of the component Cookie Handler. The manipulation results in path traversal.
This vulnerability was named CVE-2025-64075. The attack may be performed from remote. There is no available exploit.
vuldb.com
CVE-2025-65127 | ZBT WE2001 23.09.27 API session expiration
2 days 17 hours ago
A vulnerability described as critical has been identified in ZBT WE2001 23.09.27. This impacts an unknown function of the component API Component. Executing a manipulation can lead to session expiration.
The identification of this vulnerability is CVE-2025-65127. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-65128 | ZBT WE2001 23.09.27 API missing authentication
2 days 17 hours ago
A vulnerability was found in ZBT WE2001 23.09.27. It has been declared as critical. The affected element is an unknown function of the component API Component. The manipulation results in missing authentication.
This vulnerability is reported as CVE-2025-65128. The attacker must have access to the local network to execute the attack. No exploit exists.
vuldb.com
CVE-2025-65480 | Pacom Unison Client 5.13.1 Report Template cross site scripting
2 days 17 hours ago
A vulnerability was found in Pacom Unison Client 5.13.1. It has been rated as problematic. The impacted element is an unknown function of the component Report Template Handler. This manipulation causes cross site scripting.
This vulnerability appears as CVE-2025-65480. The attack may be initiated remotely. There is no available exploit.
vuldb.com
CVE-2025-69874 | unjs nanotar up to 0.2.0 Tar parseTar/parseTarGzip path traversal
2 days 17 hours ago
A vulnerability marked as critical has been reported in unjs nanotar up to 0.2.0. Affected by this vulnerability is the function parseTar/parseTarGzip of the component Tar Handler. The manipulation leads to path traversal.
This vulnerability is uniquely identified as CVE-2025-69874. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com
CVE-2025-70029 | SunbirdEd 1.13.4 TLS/SSL certificate validation
2 days 17 hours ago
A vulnerability was found in SunbirdEd 1.13.4. It has been rated as critical. Affected is an unknown function of the component TLS/SSL. Performing a manipulation results in improper certificate validation.
This vulnerability is reported as CVE-2025-70029. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com