Aggregator

A vulnerability was found in Oracle Solaris 11. It has been declared as problematic. This vulnerability affects unknown code of the component SMF command svcbundle. The manipulation leads to an unknown weakness. This vulnerability was named CVE-2020-2749. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Solaris 10/11. It has been rated as problematic. This issue affects some unknown processing of the component Whodo. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2020-2771. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

速修复

速修复

速修复

速修复

近期360高级威胁研究院捕获到了该组织针对中东的攻击行动，攻击组织通过恶意lnk下发后续恶意组件，然后层层加载最终实现PowerLess木马的部署，从而完成窃密活动。

助力人工智能安全标准化建设，共筑智能化未来

近期360高级威胁研究院捕获到了该组织针对中东的攻击行动，攻击组织通过恶意lnk下发后续恶意组件，然后层层加载最终实现PowerLess木马的部署，从而完成窃密活动。

助力人工智能安全标准化建设，共筑智能化未来

Op verschillende plekken in Nederland stonden militairen stil bij dodenherdenking. Dat deden ze ook elders in de wereld, zoals in uitzendgebieden en op zee. Een overzicht van Defensieoperaties in de week van 30 april tot en met 6 mei.

掌握关键取证技能

看雪论坛作者ID：pureGavin【译】

Приложения упали, банкоматы задумались: майские пошли не по плану.

Challenger, Gray & Christmas 的数据显示，经济波动和新兴挑战重塑企业领导决策，CEO 们正以创记录的速度离职。去年上市公司 CEO 离职人数 373 人，比 2023 年增加 24%。在员工人数至少 25 人的美国企业中，2024 年有 2221 名 CEO 离职。这是该机构自 2002 年跟踪企业高管离职情况以来的最高数字。人工智能、关税、对经济衰退的担忧以及对多元化倡议的审查被认为是推动高管离职的主要压力因素。这一趋势并不只局限于高管，据 McLean & Co. 对 20 多万名员工展开的调查，中层经理报告工作压力大的可能性比普通员工高 1.7 倍。

Microsoft says the April 2025 security updates are causing authentication issues on some Windows Server 2025 domain controllers. [...]

A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of service. This vulnerability was named CVE-2025-1376. It is possible to launch the attack on the local host. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

Google has released fixes for a bucketload of Android security vulnerabilities, including a FreeType flaw (CVE-2025-27363) that “may be under limited, targeted exploitation.” About CVE-2025-27363 CVE-2025-27363 is an out of bounds write vulnerability in FreeType, an open-source software library that renders fonts (thus, text) onto digital displays (e.g., screens) and is used across many platforms, including Android, iOS, macOS, and Linux. FreeType has been the source of multiple security vulnerabilities over the years, mostly due … More →

The post Actively exploited FreeType flaw fixed in Android (CVE-2025-27363) appeared first on Help Net Security.