Aggregator

网易与漫威合作开发的超级英雄团队射击游戏《漫威争锋》是 Steam 平台最受欢迎的游戏之一，同时在线玩家超过二十万，它目前只支持 Windows 平台。利用兼容性工具如 Valve 开发的 Linux 工具 Proton 以及 Mac 工具 Game Porting Toolkit 和 CrossOver，Linux 和 Mac 玩家也能玩上只支持 Windows 的游戏。然而 Windows 反作弊工具经常会将此类兼容性工具视为作弊软件，导致 Linux 和 Mac 玩家被错误封禁。《漫威争锋》发生了类似的故事，使用兼容性工具的玩家报告被网易永久封禁或者百年封禁，封禁时间一直持续到 2124 年。在 CodeWeavers CEO 的直接干预和玩家投诉之后，网易撤销了封禁，表示将努力提高反作弊检测的准确性。

Scammers stole $494 million worth of cryptocurrency in wallet drainer attacks last year that targeted more than 300,000 wallet addresses. [...]

A Threat Actor Claims to have Leaked the Data of PhoneMondo

Google и Microsoft готовятся к новым сражениям за пользователей.

闭源浏览器扩展 Pie Adblock 被指抄袭了 uBlock Origin 和 Adguard，违反了 GPLv3 授权。Pie Adblock 用于屏蔽广告的文件修改自 uBlock Origin 的 uAssets 文本规则，使用了来自 AdGuard Scriptlets 的脚本，这些代码和文本都使用了 GPL v3 授权。在受到抄袭指控之后，Pie Adblock 公布了部分资料，承认了 uBlock Origin 和 Adguard 的作者身份。Pie Adblock 由名叫 The People's Internet Experiment 的创业公司开发，其创办人是 Honey 的联合创始人 Ryan Hudson。该扩展的一大卖点是除了屏蔽广告，它还以积分奖励（reward points）的形式让用户选择浏览部分广告，该公司声称积分可以兑换成现金。截至 2024 年 12 月底，Pie Adblock 拥有逾一百万用户。

A vulnerability was found in Microsoft Windows Embedded and classified as critical. Affected by this issue is some unknown functionality of the component ClickOnce Application. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2012-0013. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in OpenStack Nova 2011.3 and classified as critical. This vulnerability affects unknown code of the component Access Restriction. The manipulation of the argument URI leads to improper access controls. This vulnerability was named CVE-2012-0030. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Microsoft Visio 2010. It has been classified as problematic. Affected is an unknown function. The manipulation leads to improper input validation. This vulnerability is traded as CVE-2012-0018. Local access is required to approach this attack. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, was found in Apache OpenOffice 3.3/3.4. This affects an unknown part. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2012-0037. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

你所不知道的权限绕过思路分享正文这里使用的是cookie重用的思路攻击流程:攻击者使用Google搜索：site:*.support.com~结果显示xyz.support.com允许用户注册，而ab

A vulnerability, which was classified as critical, was found in Apple iOS up to 12.1.2. This affects an unknown part of the component Kernel. The manipulation leads to improper resource management. This vulnerability is uniquely identified as CVE-2019-6208. Local access is required to approach this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Oracle Solaris 11. Affected is an unknown function. The manipulation leads to improper privilege management. This vulnerability is traded as CVE-2012-1691. The attack needs to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic was found in Oracle Solaris 11. Affected by this vulnerability is an unknown functionality of the component Kernel/GLD. The manipulation leads to information disclosure. This vulnerability is known as CVE-2012-1698. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Quagga. It has been declared as problematic. This vulnerability affects unknown code of the file bgpd/bgp_aspath.c. The manipulation leads to denial of service. This vulnerability was named CVE-2009-1572. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Nikias Bassen usbmuxd 1.0.5/1.0.6/1.0.7. Affected is the function receive_packet in the library libusbmuxd/libusbmuxd.c. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2012-0065. Attacking locally is a requirement. There is no exploit available.

A vulnerability, which was classified as critical, was found in Oracle Solaris up to 11 Express. Affected is an unknown function of the component TCP/IP. The manipulation leads to denial of service. This vulnerability is traded as CVE-2012-0094. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.