Aggregator

Department store Harrods has notified e-commerce customers of a major data breach

Cybersecurity researchers have discovered what has been described as the first-ever instance of a malicious Model Context Protocol (MCP) server spotted in the wild, raising software supply chain risks. According to Koi Security, a legitimate-looking developer managed to slip in rogue code within an npm package called "postmark-mcp" that copied an official Postmark Labs library of the same name.

研究人员发现首个真实的恶意Model Context Protocol (MCP) 服务器案例。攻击者通过伪装成合法npm包"postmark-mcp"植入恶意代码，在版本1.0.16中添加了一行代码将所有发送的邮件BCC至攻击者邮箱。该恶意行为暴露了大量敏感通信内容。

Ваш сисадмин случайно пустил хакеров внутрь.

A critical vulnerability in the open source Formbricks experience management toolbox allows attackers to reset any user’s password without authorization. Published three days ago as advisory GHSA-7229-q9pv-j6p4 by maintainer mattinannt, the flaw stems from missing JWT signature verification in Formbricks versions before 4.0.1. If an attacker learns a valid user’s internal identifier, they can forge a token […]

The post Formbricks Signature Verification Flaw Lets Attackers Reset User Passwords appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybercriminals expand malvertising campaigns from Facebook to Google Ads and YouTube, hijacking accounts to distribute crypto-stealing malware targeting financial platform users worldwide. A sophisticated malvertising campaign that initially targeted Facebook users with fake TradingView Premium offers has significantly expanded its reach, now infiltrating Google Ads and YouTube to distribute advanced cryptocurrency-stealing malware. Bitdefender researchers, who […]

The post Cybercriminals Exploit Facebook and Google Ads as Tools for Stealing Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

文章探讨了认知高但执行力不足导致的精神内耗问题，分析了拖延症的本质是对不确定性的恐惧，并提出了八个「不要做的事」以帮助读者识别和避免常见的拖延诱因。作者强调执行力的重要性，并鼓励读者通过设定明确目标、拆解任务、管理时间和接受偶尔摆烂的正常性来提升行动力。

A critical security flaw discovered in Formbricks, an open-source experience management platform, demonstrates how missing JWT signature verification can lead to complete account takeovers.  The vulnerability tracked as CVE-2025-59934 affects all versions prior to 4.0.1 and stems from improper token validation that uses jwt.decode() instead of jwt.verify(), allowing attackers to bypass authentication controls entirely. The […]

The post Formbricks Signature Verification Vulnerability Let Attackers Reset User Passwords Without Authorization appeared first on Cyber Security News.

A vulnerability was found in Red Hat Enterprise Linux 7/8/9. It has been declared as problematic. The impacted element is an unknown function of the file /etc/shadow of the component PAM. The manipulation results in information disclosure. This vulnerability is cataloged as CVE-2024-10041. The attack must be initiated from a local position. There is no exploit available.

Currently trending CVE - Hype Score: 2 - A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, remote attacker ...

传播之前，尽可能有判断，有验证。简单，可靠，其实很难做到，共勉。

Голливуд отчаянно хочет приручить нейросети, но не готов нести ответственности за провал.

A critical vulnerability in Windows heap management demonstrates how improper handling of record-size fields enables arbitrary memory read and write operations.  Suraj Malhotra shared a detailed exploitation technique leveraging the Low Fragmentation Heap (LFH) mechanism to achieve code execution on Windows systems. Windows Heap Exploitation Vulnerability The Windows NT Heap operates through FrontEnd and BackEnd […]

The post Windows Heap Exploitation Vulnerability With Record’s Size Field Leads to Arbitrary R/W appeared first on Cyber Security News.

In recent weeks, a sophisticated phishing campaign has emerged, targeting organizations in Ukraine with malicious Scalable Vector Graphics (SVG) files designed to propagate the PureMiner cryptominer and a data-stealing payload dubbed Amatera Stealer. Attackers masquerade as the Ukrainian police, sending emails that claim recipients have pending appeals. When victims open the attached SVG, it triggers […]

The post Hackers Weaponizing SVG Files to Deliver PureMiner Malware and Steal Sensitive Information appeared first on Cyber Security News.

最新的模型上下文协议（MCP）漏洞排名，揭示了从提示注入到命令注入等关键风险，并为保障智能代理（Agentic AI）的安全基础提供了路线图。

加州按 GDP 计算相当于世界第四大经济体。自 2000 年以来，加州的 GDP 增长了 78%，但同期排放下降了 20%。加州过去几年在加速建造支持电动汽车的充电基础设施，2019 年它有 4.2 万个公共和共享充电桩，六个月前这一数字达到了 17.8 万，相比下加油站数量为 12 万。上周加州宣布它在六个月内又增加了 2.3 万公共共享充电桩，总数超过了 20 万，比加油站多 68%。与此同时，加州的家用充电桩数量达到了 80 万。加州能源政策机构称，94% 的加州居民居住在距离充电桩 10 分钟内的地方。加州还宣布去年所有新卡车中有 23% 是零排放，该州为电动卡车提供补贴。

A vulnerability categorized as problematic has been discovered in Omron CP1L-EL20DR-D. The impacted element is an unknown function of the component FINS Protocol Handler. The manipulation results in denial of service. This vulnerability was named CVE-2023-22357. The attack may be performed from remote. There is no available exploit.

A vulnerability was found in Screen Creator Advance 2 up to 0.1.1.4 Build01. It has been declared as problematic. Affected is an unknown function of the component Project File Handler. The manipulation results in use after free. This vulnerability was named CVE-2023-22360. The attack may be performed from remote. There is no available exploit.

A vulnerability was found in Seiko SkyBridge MB-A100 and SkyBridge MB-A110 up to 4.2.0 and classified as critical. Affected is an unknown function of the component Web UI. Executing manipulation can lead to privilege escalation. This vulnerability appears as CVE-2023-22361. The attack may be performed from remote. There is no available exploit.

A vulnerability was found in Dromara SaToken up to 1.36.0. It has been rated as critical. This vulnerability affects unknown code of the component URL Handler. The manipulation leads to privilege escalation. This vulnerability is uniquely identified as CVE-2023-44794. The attack is possible to be carried out remotely. No exploit exists.