Aggregator

A vulnerability was found in SeowonIntech SWC 5100W WIMAX Bootloader 1.18.19.0 and classified as critical. This issue affects the function doSystem. The manipulation leads to os command injection. The identification of this vulnerability is CVE-2023-27826. The attack can only be initiated within the local network. Furthermore, there is an exploit available.

A vulnerability was found in yasm 1.3.0.55.g101bc. It has been declared as critical. Affected by this vulnerability is the function yasm_expr_create in the library /libyasm/expr.c. The manipulation leads to memory corruption. This vulnerability is known as CVE-2023-29580. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability was found in LiveAction LiveSP 21.1.2 and classified as problematic. This issue affects some unknown processing. The manipulation leads to basic cross site scripting. The identification of this vulnerability is CVE-2023-27775. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in BlackVue DR750-2CH LTE 1.012_2022.10.26 and classified as critical. This issue affects some unknown processing of the component Firmware Handler. The manipulation leads to improper verification of cryptographic signature. The identification of this vulnerability is CVE-2023-27748. Local access is required to approach this attack. There is no exploit available.

A vulnerability classified as problematic was found in BlackVue DR750-2CH LTE 1.012_2022.10.26. This vulnerability affects unknown code. The manipulation leads to improper access controls. This vulnerability was named CVE-2023-27747. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability was found in BlackVue DR750-2CH LTE 1.012_2022.10.2. It has been rated as problematic. This issue affects some unknown processing of the component WPA2 Handshake Handler. The manipulation leads to inadequate encryption strength. The identification of this vulnerability is CVE-2023-27746. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in Auto Dealer Management System 1.0. Affected is an unknown function. The manipulation leads to sql injection. This vulnerability is traded as CVE-2023-27667. It is possible to launch the attack remotely. There is no exploit available.

​2月5日，F5发布了2025年第1季度的季度安全通告，修复了多款产品存在的17个安全漏洞。

​2月5日，F5发布了2025年第1季度的季度安全通告，修复了多款产品存在的17个安全漏洞。

A vulnerability was found in Apple visionOS. It has been classified as problematic. Affected is an unknown function of the component UI. The manipulation leads to improper restriction of rendered ui layers. This vulnerability is traded as CVE-2025-24113. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple macOS. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component UI. The manipulation leads to improper restriction of rendered ui layers. This vulnerability is known as CVE-2025-24113. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple Safari. It has been rated as problematic. Affected by this issue is some unknown functionality of the component UI. The manipulation leads to improper restriction of rendered ui layers. This vulnerability is handled as CVE-2025-24113. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Apple iOS and iPadOS. This affects an unknown part of the component UI. The manipulation leads to improper restriction of rendered ui layers. This vulnerability is uniquely identified as CVE-2025-24113. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

HackerNews 编译，转载请注明出处： 联邦民用机构已被下令修补影响 Trimble Cityworks 的漏洞，这是一个被许多政府用来管理公共基础设施的流行工具。 英国工程巨头 Trimble 周四向伦敦证券交易所（LSE）提交了一份简短通知，称其成为了网络攻击的受害者。 网络安全和基础设施安全局（CISA）周四与 Trimble 一起发布了一则关于 CVE-2025-0994 的警告，确认该漏洞正被黑客利用。联邦民用机构需在 2 月 28 日前修补该漏洞。 Trimble Cityworks 是一个资产管理系统，被许多地方和联邦政府机构用来管理机场、公共事业、市政和县的基础设施资产。 CISA 表示，该漏洞允许恶意行为者“可能对客户的 Microsoft Internet Information Services (IIS) 网络服务器进行远程代码执行（RCE）”。 在给客户的一封信中，该公司表示，这一通知是在“调查有关未经授权尝试访问特定客户 Cityworks 部署的报告”之后发布的。 1 月 29 日发布了一个补丁，公司列出了客户需要采取的几项其他措施，以减少数据暴露的风险。客户应限制与 Cityworks 相关的权限，该系统“不应在任何站点上以本地或域级管理员权限运行”。 公司还在信中提供了妥协指标。CISA 表示，Trimble 向他们报告了该漏洞，赛门铁克威胁猎手团队为他们发布的关于该漏洞的咨询做出了贡献。 该漏洞的 CVSS v4 严重性评分为 8.4（满分 10）。所有 15.8.9 之前的 Cityworks 版本都受到该漏洞的影响。 Trimble 未回应关于黑客在利用 CVE-2025-0994 后采取了什么行动或黑客可能基于何处的置评请求。 Trimble 是一家总部位于科罗拉多州的大型技术供应商，在大约 40 个国家拥有超过 11000 名员工。该公司在上一财季报告的收入为 8.758 亿美元。 Cityworks 工具允许客户从一个平台管理关键基础设施资产，并组织检查、工单、许可证、运营等。 大约一年前，农业设备制造商 AGCO 以 20 亿美元现金收购了 Trimble 农业业务的 85% 股权。AGCO 在 2022 年遭受了一次勒索软件攻击，影响了其业务运营。   消息来源：The Record, 编译：zhongx；   本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文

1. RansomHub勒索团伙公布新的受害公司 2. Cactus公布了新的受害公司 3. Qilin勒索团伙公布受害公司数据

1. RansomHub勒索团伙公布新的受害公司 2. Cactus公布了新的受害公司 3. Qilin勒索团伙公布受害公司数据

1. RansomHub勒索团伙公布新的受害公司 2. Cactus公布了新的受害公司 3. Qilin勒索团伙公布受害公司数据

1. RansomHub勒索团伙公布新的受害公司 2. Cactus公布了新的受害公司 3. Qilin勒索团伙公布受害公司数据

总结推荐本周的热点资讯、安全事件、一周好文和省心工具，保证大家不错过本周的每一个重点！

HackerNews 编译，转载请注明出处： 英国工程巨头 IMI 周四向伦敦证券交易所（LSE）提交了一份简短通知，称其成为了网络攻击的受害者。 “[IMI] 目前正在应对一起涉及公司系统未经授权访问的网络安全事件，”该公司向 LSE 表示。 该公司尚未透露其面临的事件类型，但表示已聘请外部网络安全专家进行调查并控制攻击。 “与此同时，公司正在采取必要措施以遵守监管义务，”IMI 说。 这家工程巨头表示，将在适当的时候提供更多信息，并在回复 SecurityWeek 的询问时拒绝透露有关事件性质和影响的进一步细节。 此次攻击的披露大约是在另一家英国工程公司史密斯集团（Smiths Group）披露影响其某些系统的网络攻击一周后。 “我们目前正在进行一起涉及系统未经授权访问的网络事件。我们一旦意识到这一活动，就迅速隔离了受影响的系统并启动了业务连续性计划，”史密斯集团上周表示。 目前尚不清楚这两起攻击中是否使用了勒索软件，以及黑客是否试图对这两家工程巨头进行敲诈。SecurityWeek 尚未看到任何已知的勒索软件组织声称对这些事件负责。   消息来源：Security Week, 编译：zhongx；  本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文