Aggregator

A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Xavier DANEST' was reported to the affected vendor on: 2025-07-18, 68 days ago. The vendor is given until 2025-11-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Alfredo Oliveira and David Fiser of Trend Research' was reported to the affected vendor on: 2025-07-18, 68 days ago. The vendor is given until 2025-11-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 5.3 AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H severity vulnerability discovered by 'Nicholas Zubrisky (@NZubrisky) of Trend Research' was reported to the affected vendor on: 2025-07-18, 11 days ago. The vendor is given until 2025-11-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Peter Girnus (@gothburz) of Trend Research' was reported to the affected vendor on: 2025-07-18, 69 days ago. The vendor is given until 2025-11-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 5.3 AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N severity vulnerability discovered by 'Xiaobye(@xiaobye_tw) of DEVCORE Research Team' was reported to the affected vendor on: 2025-07-18, 48 days ago. The vendor is given until 2025-11-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Peter Girnus (@gothburz) of Trend Zero Day Initiative' was reported to the affected vendor on: 2025-07-18, 73 days ago. The vendor is given until 2025-11-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.1 AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Peter Girnus (@gothburz), William Gamazo Sanchez, and Alfredo Oliveira of Trend Research' was reported to the affected vendor on: 2025-07-18, 76 days ago. The vendor is given until 2025-11-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Peter Girnus (@gothburz), William Gamazo Sanchez, and Alfredo Oliveira of Trend Research' was reported to the affected vendor on: 2025-07-18, 76 days ago. The vendor is given until 2025-11-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Peter Girnus (@gothburz), William Gamazo Sanchez, and Alfredo Oliveira of Trend Research' was reported to the affected vendor on: 2025-07-18, 76 days ago. The vendor is given until 2025-11-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

文章描述了一种针对微信的安全漏洞攻击方式：攻击者通过篡改聊天记录中的文件元数据或内容，诱导用户点击并下载恶意文件。微信客户端在解析过程中误将恶意文件识别为正常文件，并自动从攻击者控制的服务器下载该文件。随后，攻击者利用路径穿越技术将恶意.lnk快捷方式写入用户的系统启动目录。当用户重启电脑时，恶意快捷方式会被触发，调用远程恶意代码，导致攻击者获得用户电脑的控制权（RCE）。

智能体的核心基石技术分析

Epic游戏商城限时免费赠送《席德·梅尔的文明®VI 白金版》，包含多个DLC和资料片。该版本时隔5年再次限免，《文明VI》是一款高评分回合策略单机游戏，玩家可建立帝国并发展至信息时代。

Buy Now, Pay Later (BNPL) apps are everywhere these days. Whether you’re buying sneakers or groceries, chances are you’ve seen the option to split your payments over time. It’s quick and easy. But behind the convenience is a growing privacy concern that most users know little about. A new study from Incogni digs into just how much personal information BNPL apps collect and share. The research looked at eight of the most popular BNPL apps … More →

The post Buy Now, Pay Later… with your data appeared first on Help Net Security.

本次微访谈于7月14日举行，邀请了8位专家分享了自己的观点和看法。

文章介绍了Reddit的应用下载和登录功能，并提供了导航指引。

一个开放的黑客社区，帮助新手到老手提升地下技能，并通过Discord保持活跃。

Here’s a look at the most interesting products from the past week, featuring releases from At-Bay, Immersive, NETSCOUT, Socure, and Stellar Cyber. Stellar Cyber 6.0.0 enhances automation, workflow intelligence, and user experience The 6.0.0 release builds on Stellar Cyber’s vision of delivering intelligent, efficient, and decisive security operations through automation, AI, and integration, all while remaining open, flexible, and accessible for security teams of any size or skill level. NETSCOUT Adaptive Threat Analytics improves incident … More →

The post New infosec products of the week: July 18, 2025 appeared first on Help Net Security.

Incidents Rank Among the Top Five Health Data Breaches in 2025 - So Far
A Maryland dermatology practice and a Virginia radiology organization have each reported to regulators separate hacking incidents that in total affected the information of more than 3.3 million patients. The incidents rank among the five largest health data breaches reported in 2025 so far.

Joe Sykora Set to Scale Coro's SMB Cybersecurity Platform Globally Via MSP Partners
As Coro's new CEO, Joe Sykora is steering the SMB cybersecurity platform provider toward rapid international growth with a 100% partner-focused strategy, revamped operations and new tools for MSPs in an effort to dominate the underserved small and midsize business cybersecurity market.

Semperis Warns of Flaw in Windows Server 2025 Delegated Managed Service Accounts
A critical cryptographic flaw in Windows Server 2025's delegated Managed Service Accounts, or dMSAs, allows attackers to generate passwords for every managed service account across an Active Directory forest and create a backdoor, Semperis researchers found.