Aggregator

Layoffs and cutbacks have been cited as major factors in a significant drop in job satisfaction among women working in cybersecurity, according to ISC2

Эй, компьютер, напиши-ка мне программу.

研究网络安全公司的现状、专业化以及如何塑造2025年的数字安全格局。

A vulnerability classified as problematic was found in ExtremePACS Extreme XDS up to 3932. This vulnerability affects unknown code. The manipulation leads to insertion of sensitive information into sent data. This vulnerability was named CVE-2024-7872. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in cookiebot Cookie Banner Plugin up to 4.4.1 on WordPress. This affects the function send_uninstall_survey. The manipulation leads to missing authorization. This vulnerability is uniquely identified as CVE-2025-1666. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in eteubert Podlove Podcast Publisher Plugin up to 4.2.2 on WordPress. It has been rated as problematic. Affected by this issue is the function ajax_transcript_delete. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2025-1383. The attack may be launched remotely. There is no exploit available.

Google 正督促特朗普政府的司法部不要拆分该公司，理由是国家安全。去年 11 月法官裁决 Alphabet/Google 涉嫌垄断，拜登政府的司法部要求 Google 出售浏览器 Chrome，停止向苹果等公司支付数十亿美元换取成为默认搜索引擎的交易，以及做出其它业务方面的改革。在特朗普政府下，此案仍将继续下去，法官将在下个月举行相关听证会。彭博的报道称，Google 的一名代表在上周举行的一个会议上督促政府采取不那么激进的立场。该公司给出的理由是目前的提议可能损害经济和国家安全。

CHARCHA проверит личность за экраном перед генерацией контента.

Бастрыкин представил предложения Путину на совещании.

A vulnerability was found in Apache Traffic Server up to 9.2.8/10.0.3 and classified as problematic. Affected by this issue is some unknown functionality of the component Header Field Handler. The manipulation of the argument Expect leads to Privilege Escalation. This vulnerability is handled as CVE-2024-56202. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

The U.S. Department of Justice (DoJ) charges 12 Chinese nationals for their alleged involvement in state-linked cyber operations. The U.S. DoJ charged 12 Chinese nationals, including PRC security officers, employees of the hacking firm i-Soon, and members of the APT27 group (aka Emissary Panda, TG-3390, Bronze Union, and Lucky Mouse), for data theft and suppressing dissent worldwide. “The Justice […]