Aggregator

Dating app Tea has been compromised by a hacker, resulting in the exposure of 13,000 selfies

Currently trending CVE - Hype Score: 8 - VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM.

Currently trending CVE - Hype Score: 8 - VMware Tools for Windows contains an authentication bypass vulnerability due to improper access control. A malicious actor with non-administrative privileges on a guest VM may gain ability to perform certain high privilege operations within that VM.

作者：Rui Guo, Avinash Ayalasomayajula, Henian Li, Jingbo Zhou, Sujan Kumar Saha, Farimah Farahmandi 译者：知道创宇404实验室翻译组 原文链接：https://arxiv.org/html/2507.16203v1 摘要 使用SystemVerilog断言（SVA）进行验证是检测电路设计漏洞的最流...

Без этики генеративный ИИ опасен для науки.

国内首个！开源见微大模型基础护栏

量子计算机能破解加密吗？新西兰教授与NIST辩论。

正在大规模裁员和重组的英特尔在开源支持上撤退，关闭了 Clear Linux，一位资深 Linux 工程师兼维护者离职导致 WMI Slim Bootloader 等驱动无人维护。现在芯片巨人被发现悄悄终止了对开源深度学习框架 PlaidML 的支持，官方软件库已经存档。PlaidML 由英特尔在 2018 年收购的 Vertex.AI 开发，收购之后一直继续开发，但在经历一次大规模代码重组之后开发进度显著降低，直到今年初彻底死亡，与此同时 AI 领域的竞争在显著加速。

Баг из 1993-го нашёлся в коде ядра.

Linus Torvalds 在内核邮件列表上宣布释出 Linux 6.16，6.17 合并窗口开放。Linux 6.16 的主要新特性包括：改进性能，支持 AMD 和英特尔的新硬件，Nouveau 驱动支持英伟达 Blackwell 和 Hopper GPU，英特尔 APX 初步支持，USB 音频分流（Offloading），sysfs 报告硬/软锁死次数的，OpenVPN DCO 内核驱动改进 OpenVPN 性能，等等。

Проверенный подход, который действительно работает.

7月25日,网络犯罪分子在Steam游戏预发布中植入恶意文件导致信息窃取;同日,钓鱼者利用伪造Instagram邮件进行诈骗。7月24日,探讨年龄验证的影响;指出iPhone用户因低费率密码创建等行为面临在线风险;Malwarebytes Trusted Advisor更新提升功能。

A vulnerability has been found in Zenas PaoBacheca Guestbook 2.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file scrivi.php. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2009-3493. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Zenas PaoLink 1.0 and classified as problematic. This vulnerability affects unknown code of the file scrivi.php. The manipulation leads to cross site scripting. This vulnerability was named CVE-2009-3320. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in Templateplazza Com Tpjobs. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument id_c[] leads to sql injection. This vulnerability is known as CVE-2010-0981. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Resalecode PHP Shopping Cart Selling Website Script. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument cid leads to sql injection. This vulnerability is traded as CVE-2009-4689. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Joomla CMS. Affected is an unknown function of the file index.php of the component Weblinks. The manipulation of the argument ID leads to sql injection. This vulnerability is traded as CVE-2010-2679. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in webmaster-tips Com Wmtpic 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument Itemid leads to sql injection. The identification of this vulnerability is CVE-2010-4968. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Resalecode PHP Shopping Cart Selling Website Script and classified as problematic. This issue affects some unknown processing of the file index.php. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2009-4688. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in osTicket 1.6. Affected is an unknown function of the file include/class.staff.php. The manipulation of the argument Username leads to sql injection. This vulnerability is traded as CVE-2009-2361. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.