Aggregator

Submit #622348 / VDB-319344

A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic. This issue affects the function setCookie of the file src/main/java/co/yiiu/pybbs/util/CookieUtil.java. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2025-8814. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as problematic. This vulnerability affects the function changeLanguage of the file src/main/java/co/yiiu/pybbs/controller/front/IndexController.java. The manipulation of the argument referer leads to open redirect. This vulnerability was named CVE-2025-8813. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This affects an unknown part of the file /api/settings of the component Admin Panel. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-8812. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

Submit #622334 / VDB-319343

Submit #622333 / VDB-319342

Submit #622331 / VDB-319341

A critical vulnerability in OpenAI’s ChatGPT Connectors feature allows attackers to exfiltrate sensitive data from connected Google Drive accounts without any user interaction beyond the initial file sharing. The attack, dubbed “AgentFlayer,” represents a new class of zero-click exploits targeting AI-powered enterprise tools. The vulnerability was disclosed by cybersecurity researchers Michael Bargury from Zenity and […]

The post ChatGPT Connectors ‘0-click’ Vulnerability Let Attackers Exfiltrate Data From Google Drive appeared first on Cyber Security News.

土耳其17岁学生寻求加强简历建议，计划申请爱尔兰、波兰、爱沙尼亚大学学习网络安全或计算机科学。已添加Python项目至GitHub并考取IBM和Google证书。询问如何进一步吸引大学和雇主注意，并探讨大学期间活动及赚取被动收入的方法。

Аппарат и софт разработаны в стране, от охлаждения до алгоритмов.

8月20日上午10:00，报告主题基于路径覆盖的符号执行路径优先探索策略，可腾讯会议线上参加

8月1日，由中国信息安全测评中心牵头制定的国家标准 GB/T 45940-2025《网络安全技术 网络安全运维实施指南》正式获批发布，将于2026年2月1日正式实施。

WinRAR без патча проживёт в безопасности максимум сутки.

关键词漏洞《连线》昨日（8 月 6 日）发布博文，报道称安全研究人员在 OpenAI 的连接器（Connect

关键词漏洞8 月 9 日消息，科技媒体 bleepingcomputer 昨日（8 月 8 日）发布博文，提醒

关键词数据泄露近日，据外媒 Gbhackers报道，黑客组织 Tsar0Byte 在暗网论坛 DarkForu

当前环境异常，请完成验证后继续访问。

当前环境出现异常问题,需完成验证后方可继续访问,具体验证方法已提供,请按指引操作解决问题。

当前环境出现异常问题，需完成验证后方可继续访问。

The winners of the AI Cybersecurity Challenge (AIxCC), Team Atlanta, won a $4m prize