Aggregator
【安全圈】重大安全漏洞曝光,WhatsApp与Apple紧急发布补丁
2 months ago
关键词安全漏洞WhatsApp 已修复其 iOS 与 macOS 应用中的一处严重安全漏洞,该漏洞已被黑客在野
Desolator
2 months ago
You must login to view this content
cohenido
Главная угроза ИИ — не код, а психология. Хакеры будущего будут вооружены не эксплойтами, а трудами Роберта Чалдини
2 months ago
ChatGPT нарушает запреты под действием поведенческих триггеров.
MediaTek Issues Security Update to Patch Multiple Chipset Flaws
2 months ago
MediaTek today published its September 2025 Product Security Bulletin, disclosing and remediating a series of critical and moderate vulnerabilities in its modem and system components. The announcement highlights that all affected device OEMs have already received patches for at least two months, and there is currently no evidence of any exploit in the wild. According […]
The post MediaTek Issues Security Update to Patch Multiple Chipset Flaws appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Divya
日本夏季平均气温再创新高
2 months ago
日本气象厅周一发布消息,今年夏天平均气温较往年高出 2.36 度,创 1898 年开始统计以来新高。日本已连续 3 年经历最炎热夏季。气象厅表示这一波酷暑还将持续两周。气象厅称,日本北部较往年高出 3.4°C,日本东部 +2.3°C,日本西部 +1.7°C,均为 1946 年有统计以来的最高值。全国 153 个气象站中,有 132 个站记录了夏季最高平均气温(其中 9 个站的记录与基线持平)。今年夏季,共有 9,385 个 AMeDAS 站记录了极端高温天数,这是自 2010 年实现统计比较以来的最高值。
North Korea’s APT37 deploys RokRAT in new phishing campaign against academics
2 months ago
ScarCruft (APT37) launches Operation HanKook Phantom, a phishing campaign using RokRAT to target academics, ex-officials, and researchers. Cybersecurity firm Seqrite Labs uncovered a phishing campaign, tracked as dubbed Operation HanKook Phantom, by the North Korea-linked group APT37 (aka Ricochet Chollima, ScarCruft, Reaper, and Group123). Threat actors are using a fake “National Intelligence Research Society Newsletter […]
Pierluigi Paganini
新西兰人为左旋蜗牛寻找配偶
2 months ago
新西兰人正在为一只罕见的左旋蜗牛寻找配偶。这只蜗牛以《辛普森一家》中左撇子邻居 Ned Flanders 的名字命名为 Ned。蜗牛的壳通常是右旋的,出现左旋壳的概率是 1:40,000,而且左旋蜗牛和右旋蜗牛是无法交配的,因为两者的生殖器对不上,所以左旋蜗牛必须和左旋蜗牛交配,但在自然界左旋蜗牛遇到左旋蜗牛的概率是非常低,因此新西兰人发起了为 Ned 寻找配偶的全国性行动——上一次的成功尝试是在 2016 年。
Black Hat Fireside Chat: API sprawl turns SMBs into prime targets — simple flaws invite breaches
2 months ago
Cyber attackers don’t always need sophisticated exploits. Too often, they succeed by exploiting the basics.
Related: 51 common SMB cyberattacks
That’s the warning from Chris Wallis, founder and CEO of London-based Intruder, who sat down with Last Watchdog… (more…)
The post Black Hat Fireside Chat: API sprawl turns SMBs into prime targets — simple flaws invite breaches first appeared on The Last Watchdog.
The post Black Hat Fireside Chat: API sprawl turns SMBs into prime targets — simple flaws invite breaches appeared first on Security Boulevard.
bacohido
上周关注度较高的产品安全漏洞(20250825-20250831)
2 months ago
上周关注度较高的产品安全漏洞(20250825-20250831)
CNVD漏洞周报2025年第33期
2 months ago
国家信息安全漏洞共享平台(以下简称CNVD)本周共收集、整理信息安全漏洞447个,其中高危漏洞256个、中危漏洞173个、低危漏洞18个。
有奖挑战 | 请查收来自金融大模型的安全挑战
2 months ago
大模型安全挑战,破局点在哪?
«Можно поменять счёт?» — «Да, конечно». — «А проверять будем?» — «Нет». Городские власти объяснили, как потеряли бюджетные деньги
2 months ago
Балтимор отдал миллион мошеннику, и никто даже не проверил чек.
Hackers Register Domains to Target 2026 FIFA World Cup in Cyberattack
2 months ago
A concerning surge in malicious domain registrations designed to exploit the upcoming 2026 FIFA World Cup, with threat actors already positioning themselves more than a year before the tournament begins. A comprehensive investigation by PreCrime Labs, the threat research division of BforeAI, has revealed that cybercriminals are systematically registering fraudulent domains to capitalize on the […]
The post Hackers Register Domains to Target 2026 FIFA World Cup in Cyberattack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Mayura Kathir
中国互联网金融协会发布《关于进一步加强金融领域App自律检查的通知》
2 months ago
低级错误引发严重数据泄露事故,知名运营商被罚近7亿元
2 months ago
内部安全防护存在大量低级错误
South Korea AI Act
2 months ago
What is the South Korea AI Act? South Korea’s Framework Act on the Development of Artificial Intelligence and Creation of a Trust Foundation, often referred to simply as the AI Framework Act or the AI Basic Act, is the country’s landmark law on artificial intelligence. It was passed by the National Assembly in December 2024, […]
The post South Korea AI Act appeared first on Centraleyes.
The post South Korea AI Act appeared first on Security Boulevard.
Deborah Erlanger
CVE-2025-9793 | itsourcecode Apartment Management System 1.0 Setting /setting/admin.php ddlBranch sql injection (EUVD-2025-26357)
2 months ago
A vulnerability identified as critical has been detected in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /setting/admin.php of the component Setting Handler. Performing manipulation of the argument ddlBranch results in sql injection.
This vulnerability is reported as CVE-2025-9793. The attack is possible to be carried out remotely. Moreover, an exploit is present.
vuldb.com
CVE-2025-9792 | itsourcecode Apartment Management System 1.0 e_all_info.php mid sql injection (EUVD-2025-26358)
2 months ago
A vulnerability categorized as critical has been discovered in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /e_dashboard/e_all_info.php. Such manipulation of the argument mid leads to sql injection.
This vulnerability is documented as CVE-2025-9792. The attack can be executed remotely. Additionally, an exploit exists.
vuldb.com
CVE-2025-9791 | Tenda AC20 16.03.08.05 fromAdvSetMacMtuWan wanMTU stack-based overflow (EUVD-2025-26354)
2 months ago
A vulnerability was found in Tenda AC20 16.03.08.05. It has been rated as critical. This vulnerability affects unknown code of the file /goform/fromAdvSetMacMtuWan. This manipulation of the argument wanMTU causes stack-based buffer overflow.
This vulnerability is registered as CVE-2025-9791. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com