Aggregator

A vulnerability was found in futuredesigngrp WP Online Contract Plugin up to 5.1.4 on WordPress. It has been classified as critical. This affects the function json_import/json_export of the component Setting Handler. The manipulation leads to missing authorization. This vulnerability is uniquely identified as CVE-2025-0954. It is possible to initiate the attack remotely. There is no exploit available.

特朗普网络幕僚团队初步成形

实时人脸伪造技术快速普及，犯罪生态迅猛扩张

A vulnerability was found in Eaton Foreseer Reporting Software up to 1.5.99 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cleartext transmission of sensitive information. This vulnerability is handled as CVE-2025-22493. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

GuidePoint Security has received reports of multiple organizations receiving ransom letters in the mail

De omgang met technologie is cruciaal voor militaire operaties. Defensie houdt daarom de ontwikkelingen op het gebied van onder andere kunstmatige intelligentie (AI), cloud en quantum goed in de gaten. Deze gaan namelijk razendsnel. Staatssecretaris Gijs Tuinman was de afgelopen dagen in de Verenigde Staten voor een bezoek aan de Amerikaanse techsector. Hij zag met eigen ogen welke nieuwe technologieën mogelijk impact hebben op het werk van de krijgsmacht.

Sonatype announced end-to-end AI Software Composition Analysis (AI SCA) capabilities that enable enterprises to harness the full potential of AI. With its expertise in open source governance, Sonatype now extends its trusted platform to protect, manage, and optimize AI/ML models across development and deployment. Sonatype provides an end-to-end AI SCA solution, ensuring that enterprises can adopt AI with the same level of safety and productivity as traditional open source. Open source AI/ML adoption is soaring … More →

The post Sonatype AI SCA delivers visibility and control over AI/ML usage appeared first on Help Net Security.

近日，绿盟科技监测到网上披露了Ollama配置不当未授权访问漏洞（CNVD-2025-04094）。目前漏洞细节已披露，且发现在野利用，请相关用户尽快采取措施进行防护。

近日，绿盟科技CERT监测到VMware发布安全公告，修复了VMware ESXi&Workstation&Fusion多个高危漏洞，目前3个漏洞均已发现在野利用，请相关用户尽快采取措施进行防护。

近日，绿盟科技监测到网上披露了Ollama配置不当未授权访问漏洞（CNVD-2025-04094）。目前漏洞细节已披露，且发现在野利用，请相关用户尽快采取措施进行防护。

近日，绿盟科技CERT监测到VMware发布安全公告，修复了VMware ESXi&Workstation&Fusion多个高危漏洞，目前3个漏洞均已发现在野利用，请相关用户尽快采取措施进行防护。

2025年初大模型数据泄露集中爆发，安全威胁直击核心数据与用户隐私，本文深度剖析五大事件，敲响AI安全警钟

2025年初大模型数据泄露集中爆发，安全威胁直击核心数据与用户隐私，本文深度剖析五大事件，敲响AI安全警钟

2025年初大模型数据泄露集中爆发，安全威胁直击核心数据与用户隐私，本文深度剖析五大事件，敲响AI安全警钟

2025年初大模型数据泄露集中爆发，安全威胁直击核心数据与用户隐私，本文深度剖析五大事件，敲响AI安全警钟

致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。

致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。

A vulnerability classified as problematic was found in IBM Aspera Faspex up to 5.0.10. This vulnerability affects unknown code. The manipulation leads to observable response discrepancy. This vulnerability was named CVE-2023-37413. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in IBM Aspera Faspex up to 5.0.10 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to execution with unnecessary privileges. This vulnerability is handled as CVE-2023-37412. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

The Polish space agency POLSA announced it has disconnected its network from the internet following a cyberattack. The Polish space agency POLSA was forced to disconnect its network from the internet in response to a cyberattack. The agency revealed that it has disconnected its infrastructure to contain the attack and secure data, a circumstance that […]