Aggregator

三项荣誉！360获NVDB-CAVD高度认可

近日，由中汽数据有限公司主办的车联网产品安全漏洞专业库（NVDB-CAVD）2024年终总结会在北京圆满落幕。360数字安全集团受邀出席，荣获工业和信息化网络安全威胁和漏洞信息共享平台车联网产品安全漏

A vulnerability, which was classified as critical, has been found in YS STEALTHONE D220 and STEALTHONE D340 up to 6.03.02. This issue affects some unknown processing of the component Web Management Page. The manipulation leads to sql injection. The identification of this vulnerability is CVE-2025-20620. The attack may be initiated remotely. There is no exploit available.

On January 7, we published a press release to share our five predictions for cybersecurity in 20

On January 7, we published a press release to share our five predictions for cybersecurity in 2025. Over the next few weeks, we’ll publish a blog series that provides additional commentary on each prediction. This is the second blog in the series. Check out the first and second blogs here.    Prediction Key Takeaways: We […]

The post 2025 Prediction 3: Digital Security Will Expand Beyond Privacy Concerns To Include Holistic, Integrated Cyber and Physical Protection appeared first on BlackCloak | Protect Your Digital Life™.

The post 2025 Prediction 3: Digital Security Will Expand Beyond Privacy Concerns To Include Holistic, Integrated Cyber and Physical Protection appeared first on Security Boulevard.

Потеряет ли игра доверие игроков после масштабного взлома?

A vulnerability classified as critical was found in YS STEALTHONE D220 and STEALTHONE D340 up to 6.03.02. This vulnerability affects unknown code. The manipulation leads to os command injection. This vulnerability was named CVE-2025-20055. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in YS STEALTHONE D220, STEALTHONE D340 and STEALTHONE D440. This affects an unknown part of the component Web Management Page. The manipulation leads to os command injection. This vulnerability is uniquely identified as CVE-2025-20016. It is possible to initiate the attack remotely. There is no exploit available.

关注我们带你读懂网络安全攻击者利用被盗的API密钥，访问微软Azure OpenAI服务中的设备和账号，绕过安全护栏生成了“数千张”违反内容限制的图片，并对外出售这些访问权限。前情回顾·大模型安全动态

关注我们带你读懂网络安全欧盟执法培训机构（CEPOL）近日披露了一起大规模数据泄漏事件。该机构承认在2024年5月遭受的一次网络攻击中，导致近10万名参与CEPOL培训的个人数据可能被泄露。这起事件凸

已被微软发现并处置

A vulnerability was found in Event Monster Plugin up to 1.4.3 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Visitors List Export. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2024-11396. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in OMRON Machine Automation Controller NJ-series and Machine Automation Controller NX-series. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to path traversal. This vulnerability was named CVE-2024-12083. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in OMRON Programable Terminals NB-Designer up to 1.63. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to xml external entity reference. The identification of this vulnerability is CVE-2024-12298. An attack has to be approached locally. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in MonetDB Server 11.47.11. This issue affects the function atom_get_int of the component SQL Handler. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2024-57619. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability, which was classified as problematic, was found in MonetDB Server 11.47.11. Affected is the function trimchars of the component SQL Handler. The manipulation leads to denial of service. This vulnerability is traded as CVE-2024-57620. Access to the local network is required for this attack. There is no exploit available.