Aggregator

A vulnerability described as problematic has been identified in Cisco Evolved Programmable Network Manager and Prime Infrastructure. Impacted is an unknown function of the component Web-based Management Interface. Executing a manipulation can lead to open redirect. This vulnerability is tracked as CVE-2026-20123. The attack can be launched remotely. No exploit exists. Upgrading the affected component is recommended.

A vulnerability marked as problematic has been reported in Cisco Prime Infrastructure. Affected by this vulnerability is an unknown functionality of the component Web-based Management Interface. Performing a manipulation results in cross site scripting. This vulnerability is known as CVE-2026-20111. Remote exploitation of the attack is possible. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.15.194/6.1.156/6.6.112/6.12.53/6.17.3. This issue affects the function kvmalloc of the component ext4. Executing a manipulation can lead to allocation of resources. This vulnerability appears as CVE-2025-40179. The attacker needs to be present on the local network. There is no available exploit. Upgrading the affected component is advised.

A vulnerability categorized as problematic has been discovered in x-crypto up to 0.42.x on Go. Affected is an unknown function. Executing a manipulation can lead to improper check or handling of exceptional conditions. This vulnerability is tracked as CVE-2025-47913. The attack can be launched remotely. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.17.3. This vulnerability affects the function pid_nr_ns. Performing a manipulation results in null pointer dereference. This vulnerability is reported as CVE-2025-40178. The attacker must have access to the local network to execute the attack. No exploit exists. It is recommended to upgrade the affected component.

China-linked hackers tracked as Amaranth-Dragon targeted government and law enforcement agencies across Southeast Asia in 2025. CheckPoint says China-linked threat actors, tracked as Amaranth-Dragon, carried out cyber-espionage campaigns in 2025 targeting government and law enforcement agencies across Southeast Asia. The activity is linked to the APT41 ecosystem and affected countries including Thailand, Indonesia, Singapore, and […]

A high-severity security advisory has been issued for a critical vulnerability in Meeting Management software. This vulnerability allows authenticated remote attackers to upload harmful files and gain complete control over the affected system. The security flaw, identified as CVE-2026-20098, carries a high severity rating because it enables “root” access, the highest level of administrative permission on […]

The post Cisco Meeting Management Vulnerability Let Remote Attacker Upload Arbitrary Files appeared first on Cyber Security News.

美国网络司令部通过攻击伊朗军事系统支持打击核设施的军事行动

单人最低赔偿7万元

Pindrop warns of 1210% increase in AI-powered fraud last year

A vulnerability identified as problematic has been detected in pear pearweb up to 1.32.x. Affected by this issue is some unknown functionality of the component Roadmap Handler. This manipulation causes operator precedence logic error. The identification of this vulnerability is CVE-2026-25233. It is possible to initiate the attack remotely. There is no exploit available. You should upgrade the affected component.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.6.121/6.12.67/6.18.7/6.19-rc6. The affected element is the function cdev_device_add of the component uacce. The manipulation leads to unchecked return value. This vulnerability is traded as CVE-2026-23096. Access to the local network is required for this attack to succeed. There is no exploit available. You should upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.18.7/6.19-rc6. Affected is the function task_fpsimd_load of the component fpsimd. Performing a manipulation results in allocation of resources. This vulnerability was named CVE-2026-23102. The attack needs to be approached within the local network. There is no available exploit. It is recommended to upgrade the affected component.

黑客公开哈佛宾大失窃数据，疑因勒索未成

最近总有人问我：现在到处是智能助手、自动化程序，甚至还有能自己决策的“智能体”，它们需不需要“身份证”？

看雪论坛作者ID：h01mes

В Кемерово вынесли суровый приговор за деятельность в соцсетях и мессенджерах.

2026年或许会成为一个值得回望的时间点。站在“科技向善”愿景提出第九年的节点上，互联网早已从流量与红利的争夺，转向了对人工智能深层价值的挖掘。

近日，中国信息通信研究院政策与经济研究所、互联网法律研究中心联合发布《数据治理研究报告（2025年）——端侧大模型数据治理法律要点研究》。