Aggregator

小白教学，纯介绍内存马是什么，入个门。

因为特朗普政府的科学政策以及对科研资金的削减，法国最大的大学艾克斯-马赛大学（Aix-Marseille Université）提出了邀请面临解雇或失业的科学家前往欧洲继续研究的计划。大学在一份新闻稿中称这项科学流放计划吸引了 NASA、NIH、耶鲁和斯坦福等机构科学家的浓厚兴趣。校长 Eric Berton 表示会尽可最大努力帮助美国科学家。有 40 多名美国科学家对该计划表达了兴趣。他们的主要研究领域包括：健康（LGBT+ 医学、流行病学、传染病、不平等、免疫学等）、环境和气候变化（自然灾害管理、温室气体、社会影响、AI）、人文和社会科学（传播、心理学、历史、文化遗产）、天体物理学。被称为 Safe Place for Science 的项目最初将为 15 名研究人员提供 1500 万欧元的资金，大学表示它已与地方政府和法国工商会密切合作，为这些科学家及其家人抵达该地区提供便利，为他们提供就业、住房、入学、交通和签证方面的支持。

A Russian-speaking actor using the Telegram handle @ExploitWhispers leaked internal chat logs of Black Basta Ransomware-as-a-Service (RaaS) members on February 11, 2025. These communications, spanning from September 2023 to September 2024, have provided security researchers with unprecedented insight into the group’s operational tactics and infrastructure used to target organizations across multiple sectors. Black Basta, which […]

The post Black Basta Ransomware Attack Edge Network Devices With Automated Brute Force Attacks appeared first on Cyber Security News.

Amazon Web Services’ Simple Notification Service (AWS SNS) is a versatile cloud-based pub/sub service that facilitates communication between applications and users. While its scalability and integration capabilities make it a powerful tool for organizations, its misuse by adversaries for malicious purposes such as data exfiltration and phishing has raised significant security concerns. This article delves […]

The post AWS SNS Exploited for Data Exfiltration and Phishing Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. Affected by this issue is the function formSetSpeedWan. The manipulation leads to buffer overflow. This vulnerability is handled as CVE-2025-29029. Access to the local network is required for this attack. There is no exploit available.

A vulnerability classified as problematic was found in GLPI Inventory Plugin up to 1.4.x. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-26626. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Tenda AC9 15.03.05.19. Affected is the function formWifiWpsOOB. The manipulation leads to buffer overflow. This vulnerability is traded as CVE-2025-29032. The attack needs to be done within the local network. There is no exploit available.

A vulnerability was found in Tenda AC6 15.03.05.16. It has been rated as critical. This issue affects the function fromAddressNat. The manipulation leads to buffer overflow. The identification of this vulnerability is CVE-2025-29031. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability was found in Tenda AC6 15.03.05.16. It has been declared as critical. This vulnerability affects the function formWifiWpsOOB. The manipulation leads to buffer overflow. This vulnerability was named CVE-2025-29030. The attack can only be done within the local network. There is no exploit available.

A vulnerability was found in SICK DL100-2xxxxxxx. It has been classified as problematic. This affects an unknown part. The manipulation leads to download of code without integrity check. This vulnerability is uniquely identified as CVE-2025-27593. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in HP LaserJet MFP M232-M237 Printer and classified as problematic. Affected by this issue is some unknown functionality of the component Internet Printing Protocol. The manipulation leads to improper handling of unexpected data type. This vulnerability is handled as CVE-2025-2268. The attack may be launched remotely. There is no exploit available.

总共71页，涵盖100+企业和智库的《2025版开源情报企业/智库名录》已编撰完成，考虑到企业和用户信息安全，拟以纸质方式提供给需要的用户。

总共71页，涵盖100+企业和智库的《2025版开源情报企业/智库名录》已编撰完成，考虑到企业和用户信息安全，拟以纸质方式提供给需要的用户。

A vulnerability has been found in SICK DL100-2xxxxxxx and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cleartext transmission of sensitive information. This vulnerability is known as CVE-2025-27594. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in IBM QRadar EDR 3.12. Affected is an unknown function. The manipulation leads to unprotected storage of credentials. This vulnerability is traded as CVE-2024-45638. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

DieNet Targeted the Website of Orange Egypt

A vulnerability, which was classified as problematic, has been found in demergent-labs azle up to 0.29.x. This issue affects the function setTimer. The manipulation leads to infinite loop. The identification of this vulnerability is CVE-2025-29776. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in SICK DL100-2xxxxxxx. This vulnerability affects unknown code of the component Password Handler. The manipulation leads to use of weak hash. This vulnerability was named CVE-2025-27595. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.129. This affects the function nf_conntrack_in. The manipulation leads to Privilege Escalation. This vulnerability is uniquely identified as CVE-2023-52927. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in IBM QRadar EDR 3.12. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to risky cryptographic algorithm. This vulnerability is handled as CVE-2024-45643. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.