Aggregator

A vulnerability was found in MIT Kerberos 5-1.2.1/5-1.2.2/5-1.2.3/5-1.2.4. It has been declared as problematic. This affects an unknown function of the component Key Distribution Center. Such manipulation leads to null pointer dereference. This vulnerability is listed as CVE-2003-0058. The attack may be performed from a remote location. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability was found in MIT Kerberos 5-1.2.1/5-1.2.2/5-1.2.3/5-1.2.4. It has been classified as problematic. This issue affects some unknown processing of the component ASN.1 Decoder. The manipulation leads to denial of service. This vulnerability is listed as CVE-2002-0036. The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability has been found in Kevin Langley Jr Post Type Converter Plugin up to 0.6 on WordPress and classified as problematic. This impacts an unknown function. The manipulation leads to cross-site request forgery. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is referenced as CVE-2025-48303. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability has been found in MIT Kerberos and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption. This vulnerability is referenced as CVE-2004-0772. Remote exploitation of the attack is possible. No exploit is available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, was found in MIT Kerberos 4. Affected by this vulnerability is an unknown functionality. Executing manipulation can lead to improper authentication. This vulnerability appears as CVE-2003-0138. The attack may be performed from a remote location. There is no available exploit. You should upgrade the affected component.

Университеты думают о будущем студентов, но их настоящее уже переписано.

A vulnerability labeled as critical has been found in HP Operations Agent up to 8.60.6. The affected element is an unknown function. Such manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2012-2020. The attack can be launched remotely. Moreover, an exploit is present. The affected component should be upgraded.

For the latest discoveries in cyber research for the week of 25th August, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES US pharmaceutical company Inotiv has experienced a ransomware attack that resulted in the unauthorized access and encryption of certain systems and data. The Qilin ransomware gang claimed responsibility and alleged the theft […]

The post 25th August – Threat Intelligence Report appeared first on Check Point Research.

关键词网络钓鱼近期，一场精心设计的鱼叉式钓鱼行动正在加密行业蔓延。

关键词网络安全国际刑警组织（INTERPOL）8月宣布，在“塞伦盖蒂行动”第二阶段中，18个非洲国家联合执法，

关键词网络攻击印度政府近期成为黑客组织 Transparent Tribe（APT36） 的攻击目标。

关键词网络犯罪北京警方近日破获一起涉案金额高达2000万美元的比特币洗钱案件，核心人物为一家短视频平台的前员工

广受赞誉的百度大模型安全护栏插件已支持dify，为开发者提供便捷的插件接入方式。

Today we will cover a powerful, easy to use, autonomous agent called Manus. Manus is developed by the Chinese startup Butterfly Effect, headquartered in Singapore. This post demonstrates an end-to-end indirect prompt injection attack leading to a compromise of Manus’ dev box. This is achieved by tricking Manus to expose it’s internal VS Code Server to the Internet, and then sharing the URL and password with the atacker. Specifically, this post demonstrates that:

Вирус Help TDS научился сам себя обновлять и воровать данные.

Threat actors continue to use Scheduled Tasks and other built-in Windows features to create persistence in the ever-changing world of cybersecurity threats, frequently avoiding the need of external tools or complex zero-day exploits. As of 2025, despite advancements in attack techniques such as rootkits and dead-drop command-and-control (C2) mechanisms, traditional methods remain prevalent due to […]

The post Threat Actors Exploit Windows Scheduled Tasks for Stealthy Persistence Without Additional Tools appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

2025年8月22日，XCon2025安全焦点信息安全技术峰会在北京·民航国际会议中心成功举办。

金融行业每年遭受的网络攻击是其他行业的近 300 倍，并且过去一年的事件数量显著增加。

为了更好地培养学生掌握先进的数据挖掘与分析方法，锻炼学生敏锐的情报洞察力，为将来投身于开源情报领域的工作奠定坚实的基础。特举办“第三届全国大学生开源情报数据采集与分析大赛”。

日本情报机构由外交部、国防部、国家警察局、公安情报局、内阁情报调查室五个核心机构和经济产业省、金融服务局、财政部、海岸警卫队四个附加机构组成。它们与其他机构密切合作，进行信息收集和分析，其中内阁情报调查室（CIRO）发挥着核心作用。