Aggregator

介绍如何在Linux、Windows和macOS上安装yt-dlp，支持从1000多个网站下载视频和音频。详细说明了多种安装方法，包括使用二进制文件、包管理器和Python pip，并介绍了FFmpeg的安装要求以及更新和维护建议。

Реальные схемы обмана и приёмы, на которых строится доверие.

Кино, которое не должно было существовать.

In October 2025, cybersecurity researchers at Cyble Research and Intelligence Labs (CRIL) uncovered a sophisticated malware campaign distributing weaponized ZIP archives disguised as military documents. The attack specifically targeted Belarusian military personnel through a lure document titled “ТЛГ на убытие на переподготовку.pdf” (TLG for departure for retraining.pdf), with evidence suggesting the operation focused on collecting […]

The post Hackers Hide SSH–Tor Backdoor Inside Weaponized Military Documents appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability identified as problematic has been detected in Liferay Portal and DXP. Impacted is an unknown function of the component Adaptive Media Module. Performing manipulation results in use of web browser cache containing sensitive information. This vulnerability is known as CVE-2025-62276. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability categorized as problematic has been discovered in Liferay Portal and DXP. This issue affects some unknown processing of the component URL Handler. Such manipulation leads to incorrect authorization. This vulnerability is traded as CVE-2025-62275. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Post SMTP Plugin up to 3.6.0 on WordPress and classified as problematic. Affected is the function __construct. Such manipulation leads to missing authorization. This vulnerability is traded as CVE-2025-11833. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as critical was found in SiteSEO Plugin up to 1.3.1 on WordPress. This impacts an unknown function. The manipulation results in missing authorization. This vulnerability is cataloged as CVE-2025-12367. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Flying Images Plugin up to 2.4.14 on WordPress. Affected by this vulnerability is an unknown functionality. Such manipulation leads to cross site scripting. This vulnerability is documented as CVE-2025-11927. The attack can be executed remotely. There is not any exploit available.

A vulnerability has been found in CSS & JavaScript Toolbox Plugin up to 12.0.5 on WordPress and classified as problematic. Affected by this issue is some unknown functionality of the component Setting Handler. Performing manipulation results in cross site scripting. This vulnerability is reported as CVE-2025-11928. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability labeled as problematic has been found in List Category Posts Plugin up to 0.92.0 on WordPress. This vulnerability affects the function catlist of the component Shortcode Handler. Such manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2025-11377. The attack can be launched remotely. No exploit exists.

A vulnerability was found in ELOG. It has been classified as problematic. The affected element is an unknown function. This manipulation of the argument -x causes missing authorization. This vulnerability appears as CVE-2025-64348. The attack may be initiated remotely. There is no available exploit.

A vulnerability classified as problematic has been found in LogicalDOC Community Edition up to 9.2.1. This affects an unknown part of the component API Key creation UI. This manipulation causes cross site scripting. This vulnerability is registered as CVE-2025-12546. Remote exploitation of the attack is possible. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability classified as problematic was found in LogicalDOC Community Edition up to 9.2.1. This vulnerability affects unknown code of the file /login.jsp of the component Admin Login Page. Such manipulation leads to improper restriction of excessive authentication attempts. This vulnerability is documented as CVE-2025-12547. The attack can be executed remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.

Currently trending CVE - Hype Score: 1 - Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.

好，我现在要帮用户总结这篇文章的内容。用户的要求是用中文，控制在100字以内，不需要特定的开头，直接写描述。 首先，我看看文章内容。文章标题是“New Story”，作者是TechBeat，发布日期是2025年11月1日。内容主要是HackerNoon根据页面浏览量、互动和评论来排名的趋势科技故事。看起来这是一个关于科技新闻排名的文章。 接下来，我需要提取关键信息：HackerNoon、趋势科技故事、排名依据（页面浏览量、互动、评论）。然后把这些信息浓缩成一句话，不超过100字。 可能会这样组织：HackerNoon根据页面浏览量、互动和评论排名趋势科技故事。这样简洁明了，符合用户要求。 最后检查一下字数和格式，确保没有多余的部分。这样应该能满足用户的需求了。 HackerNoon根据页面浏览量、互动和评论排名趋势科技故事。

A vulnerability was found in Microsoft Azure Compute Resource Provider. It has been rated as critical. The impacted element is an unknown function. Performing manipulation results in server-side request forgery. This vulnerability is identified as CVE-2025-59503. The attack can be initiated remotely. There is not any exploit available. This product is a managed service. This means that users are not able to maintain vulnerability countermeasures themselves.

A vulnerability, which was classified as critical, has been found in LearnHouse up to 98dfad76aad70711a8113f6c1fdabfccf10509ca. Impacted is an unknown function of the file /api/v1/courses/ of the component Course Thumbnail Handler. The manipulation of the argument thumbnail leads to unrestricted upload. This vulnerability is traded as CVE-2025-12268. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as problematic, was found in LearnHouse up to 98dfad76aad70711a8113f6c1fdabfccf10509ca. The affected element is an unknown function of the file /dash/org/settings/previews of the component Account Setting Page. The manipulation results in cross site scripting. This vulnerability is known as CVE-2025-12269. It is possible to launch the attack remotely. Furthermore, an exploit is available. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability has been found in LearnHouse up to 98dfad76aad70711a8113f6c1fdabfccf10509ca and classified as problematic. The impacted element is an unknown function of the file /api/v1/assignments/{assignment_id}/tasks/{task_id}/sub_file of the component Student Assignment Submission Handler. This manipulation causes improper control of resource identifiers. This vulnerability is handled as CVE-2025-12270. The attack can be initiated remotely. Additionally, an exploit exists. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.