Aggregator
【安全圈】OpenAI、Facebook、Instagram、WhatsApp 集体全球宕机
8 months 4 weeks ago
【安全圈】大量用户吐槽,Microsoft 365 又大面积宕机
8 months 4 weeks ago
CVE-2024-21574 | ltdrdata ComfyUI-Manager up to 2.51.0 POST Request /customnode/install pip code injection
8 months 4 weeks ago
A vulnerability, which was classified as very critical, was found in ltdrdata ComfyUI-Manager up to 2.51.0. This affects an unknown part of the file /customnode/install of the component POST Request Handler. The manipulation of the argument pip leads to code injection.
This vulnerability is uniquely identified as CVE-2024-21574. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-12160 | seraphinitesoft Seraphinite Bulk Discounts for WooCommerce Plugin up to 2.4.6 on WordPress add_query_arg cross site scripting
8 months 4 weeks ago
A vulnerability, which was classified as problematic, has been found in seraphinitesoft Seraphinite Bulk Discounts for WooCommerce Plugin up to 2.4.6 on WordPress. Affected by this issue is the function add_query_arg. The manipulation leads to cross site scripting.
This vulnerability is handled as CVE-2024-12160. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-12333 | xTemos Woodmart Plugin up to 8.0.3 on WordPress Shortcode do_shortcode code injection
8 months 4 weeks ago
A vulnerability classified as critical was found in xTemos Woodmart Plugin up to 8.0.3 on WordPress. Affected by this vulnerability is the function do_shortcode of the component Shortcode Handler. The manipulation leads to code injection.
This vulnerability is known as CVE-2024-12333. The attack can be launched remotely. There is no exploit available.
vuldb.com
Windows 远程桌面服务漏洞允许攻击者执行远程代码
8 months 4 weeks ago
Windows 远程桌面服务漏洞允许攻击者执行远程代码
美国证券交易委员会推进纽约证券交易所提交的文件,以上市Bitwise比特币和以太坊ETF
8 months 4 weeks ago
安全客
网络安全童话与皇帝的新衣
9 months ago
网络安全童话与皇帝的新衣
Хакеры покусились на святое: атака на Krispy Kreme обернулась кошмаром для сладкоежек
9 months ago
Киберудар по бизнесу компании оставил в замешательстве любителей пончиков.
微软向Windows 10/11测试版用户推出新版连接手机 支持与iPhone互传文件
9 months ago
微软向Windows 10/11测试版用户推出新版连接手机 支持与iPhone互传文件
360与中国邮储银行强强联手,打造金融行业“数字样板工程”!
9 months ago
入选“数字样板工程”!360与中国邮储银行树立金融数字化转型新典范
Patchwork APT 以中国科研为目标开展新一轮活动
9 months ago
Patchwork APT 以中国科研为目标开展新一轮活动
Восточный фронт: Cloud Atlas запускает масштабную кибератаку на Россию
9 months ago
Группировка модернизирует арсенал, сохраняя традиционные цели.
微软修复MFA实施中的安全漏洞 攻击者可绕过安全策略在短时间内发起100万次登录
9 months ago
微软修复MFA实施中的安全漏洞 攻击者可绕过安全策略在短时间内发起100万次登录
会议预告 | 第四届数字取证与分析技术研讨会(DFA 2025)
9 months ago
会议预告 | 第四届数字取证与分析技术研讨会(DFA 2025)
Palantir 高管称现代战争的胜利离不开软件
9 months ago
在以色列特拉维夫大学举行的第一届国防科技峰会上,数据分析公司 Palantir 高级副总裁 Noam Perski 表示,软件是赢得现代战争的关键。英国前国防参谋长 Nick Carter 爵士说,记忆中第一次,自由世界面临一个试图建立新秩序的专制国家联盟...我们正面临工业时代和信息时代的一个转折点。这场变革的核心是软件而不是硬件。Noam Perski 进一步阐述了软件驱动的战争,他说软件并不能赢得战争。男女冒生命危险的意愿,父母让孩子身处前线的意愿,领导人做出艰难决定的意愿:这些都是赢得战争的因素。但是没有软件就无法赢得现代战争。
Свет вместо кабеля: лазеры меняют правила передачи данных
9 months ago
Мобильные сети нового поколения стирают границы между воздухом, сушей и океаном.
叙利亚局势:土耳其在其中扮演的角色
9 months ago
叙利亚局势:土耳其在其中扮演的角色
叙利亚临时政府关键负责人分析
9 months ago
叙利亚临时政府关键负责人分析