Aggregator

Мошенники продают билеты на съемки несуществующих шоу от имени автоблогеров.

本期从AISS案例库250+个入库案例中，精选近期最具代表性的10个事件与技术案例

Startups are scaling faster, attackers are getting smarter, and investors are getting more selective. The cybersecurity industry is in the middle of a reset.

The post AI is separating the companies built to scale from the ones built to sell appeared first on CyberScoop.

安卓adbd零点击漏洞PoC发布，可远程获取设备权限

看雪论坛作者ID：TeddyBe4r

欢迎踊跃参与赢大奖

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

供应链入侵的早期阶段与维护者争议从外部看起来几乎一模一样。两者都可能涉及意外发布、权限变更以及相互矛盾的公开声明。

Checkmarx 公司第二次安全事件发生的如此之快，说明该团伙正在活跃观察再次进入的入口点、测试之前修复方案的深度并加以利用任何弱点。

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

A vulnerability was found in Siemens blueplanet 100 NX3 M8, blueplanet 100 TL3 GEN2, blueplanet 105 TL3, blueplanet 105 TL3 GEN2, blueplanet 110 TL3, blueplanet 125 NX3 M11, blueplanet 125 TL3, blueplanet 125 TL3 GEN2, blueplanet 137 TL3, blueplanet 150 TL3, blueplanet 150 TL3 GEN2, blueplanet 155 TL3, blueplanet 155 TL3 GEN2, blueplanet 165 TL3, blueplanet 165 TL3 GEN2, blueplanet 25.0 NX3-33.0 NX3, blueplanet 3.0 NX3-20.0 NX3, blueplanet 3.0-5.0 NX1, blueplanet 360 NX3 M6, blueplanet 50.0 NX3-60.0 NX3, blueplanet 87.0 TL3, blueplanet 87.0 TL3 GEN2, blueplanet 92.0 TL3, blueplanet 92.0 TL3 GEN2, blueplanet gridsafe 110 TL3-S, blueplanet gridsafe 137 TL3-S, blueplanet gridsafe 92.0 TL3-S, blueplanet hybrid 10.0 TL3 and blueplanet hybrid 6.0 NH3-12.0 NH3 and classified as critical. The impacted element is an unknown function. Such manipulation leads to sql injection. This vulnerability is documented as CVE-2026-41125. The attack can be executed remotely. There is not any exploit available.

A vulnerability has been found in multiparty service up to 4.2.3/4.2.x and classified as problematic. The affected element is the function push of the component Multipart Upload Handler. This manipulation causes uncaught exception. This vulnerability is registered as CVE-2026-8161. Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.

A vulnerability, which was classified as critical, was found in Siemens Solid Edge SE2026 up to 226.0 Update 4. Impacted is an unknown function of the component PAR File Handler. The manipulation results in stack-based buffer overflow. This vulnerability is cataloged as CVE-2026-44412. The attack may be launched remotely. There is no exploit available. You should upgrade the affected component.

A vulnerability, which was classified as very critical, has been found in Siemens Solid Edge SE2026 up to 226.0 Update 4. This issue affects some unknown processing of the component PAR File Handler. The manipulation leads to uninitialized pointer. This vulnerability is listed as CVE-2026-44411. The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability classified as problematic was found in Siemens Teamcenter. This vulnerability affects unknown code. Executing a manipulation can lead to cross site scripting. This vulnerability is tracked as CVE-2026-33862. The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.