Aggregator
一架飞机,三层危机!特朗普土耳其换机事件的深层逻辑
【情报分析】特朗普2026年7月10日在Truth Social的震惊发帖内容
宝马上半年销量受中国市场疲软拖累
Ваш сайт уже могли угнать. CISA подтвердила реальные атаки на пользователей JoomShaper и Langflow
在上海这场顶级赛车比赛,我看到《飞驰人生 3》的 AI 辅助系统走进现实
在上海这场顶级赛车比赛,我看到《飞驰人生 3》的 AI 辅助系统走进现实
CISA Details “Lessons from a Cyber Incident” After AWS GovCloud Credentials Leak
CISA has published a candid after-action account revealing that a contractor accidentally exposed the agency’s own AWS GovCloud credentials and Infrastructure-as-Code repositories in a personal, public GitHub account, triggering an internal incident response and a rare public “lessons learned” disclosure from the federal cybersecurity agency itself. On Friday, May 15, CISA’s incident response began after […]
The post CISA Details “Lessons from a Cyber Incident” After AWS GovCloud Credentials Leak appeared first on Cyber Security News.
CVE-2026-3367 | lustmored Lockme calendars integration Plugin up to 2.11.0 on WordPress Plugin Settings register_setting/update_option client_id/client_secret/id_prefix/api_domain cross site scripting
CVE-2026-5743 | gallerycreator SimpLy Gallery Plugin up to 3.3.3.1 on WordPress Block Attributes pgc_sgb_render_callback sliderMaxHeight cross site scripting
CVE-2026-13114 | stylemix Motors Plugin up to 1.4.112 on WordPress Comment Content cross site scripting
CVE-2026-10628 | wpswings Points and Rewards for WooCommerce Plugin up to 2.10.1 on WordPress Authorization wps_wpr_generate_custom_wallet nonce authorization
CVE-2026-7544 | 2coders Mux Video Uploader Plugin up to 1.1.4 on WordPress Settings muxvideo_enqueue_settings_script information disclosure
Пуэрто-Рико снова взломали. Но власти упорно делают вид, что открытый сервер — это нормально
Disney+正在考虑推出免费流媒体套餐
Dell BIOS Flaw Lets Attackers Recover Admin Passwords From SPI Flash in Milliseconds
A critical flaw in how Dell stores BIOS administrator and user passwords allows full password recovery from a flash dump in milliseconds, with no brute force required. The vulnerability, tracked as CVE-2026-40639 (DSA-2026-197), stems from a broken XOR encryption scheme rather than a proper cryptographic hash. Dell stores BIOS passwords in the DVAR (Dell Variable) […]
The post Dell BIOS Flaw Lets Attackers Recover Admin Passwords From SPI Flash in Milliseconds appeared first on Cyber Security News.
16% капитализации — цена честного признания. Платежная компания Nayax поплатилась за раскрытие информации о взломе
Meta从Instagram上移除备受争议的AI功能
281 Popular VPN Apps from the Google Play Store Leak Sensitive Data, Transfer Data Unencrypted
A new security study has found serious privacy and security issues in 281 popular Android VPN applications available on the Google Play Store. Researchers discovered that dozens of these apps transfer data without encryption, leak user traffic outside the VPN tunnel, and send device identifiers to advertising and tracking services. The research team from multiple […]
The post 281 Popular VPN Apps from the Google Play Store Leak Sensitive Data, Transfer Data Unencrypted appeared first on Cyber Security News.