Aggregator

A vulnerability was found in RVC-Boss GPT-SoVITS up to 20250228v3. It has been rated as critical. Affected by this issue is the function load_sovits_new of the file process_ckpt.py. The manipulation of the argument SoVITS_dropdown leads to deserialization. This vulnerability is handled as CVE-2025-49841. The attack may be launched remotely. There is no exploit available.

欧盟《数据法案》旨在加强数据经济，促进公平竞争和创新市场，明确工业数据使用权并提升可访问性。该法案于2023年12月通过，2025年9月生效，要求企业确保设备生成的数据可访问、共享，并符合GDPR等规定。违规将面临高额罚款。企业需调整合同、政策和技术以确保合规。

当前环境出现异常，请完成验证后继续访问。

Google on Tuesday rolled out fixes for six security issues in its Chrome web browser, including one that it said has been exploited in the wild. The high-severity vulnerability in question is CVE-2025-6558 (CVSS score: 8.8), which has been described as an incorrect validation of untrusted input in the browser's ANGLE and GPU components. "Insufficient validation of untrusted input in ANGLE and

Social engineering attacks have entered a new era—and they’re coming fast, smart, and deeply personalized. It’s no longer just suspicious emails in your spam folder. Today’s attackers use generative AI, stolen branding assets, and deepfake tools to mimic your executives, hijack your social channels, and create convincing fakes of your website, emails, and even voice. They don’t just spoof—they

Cybersecurity researchers have discovered a new, sophisticated variant of a known Android malware referred to as Konfety that leverages the evil twin technique to enable ad fraud. The sneaky approach essentially involves a scenario wherein two variants of an application share the same package name: A benign "decoy" app that's hosted on the Google Play Store and its evil twin, which is

社会工程攻击利用生成式AI和深度伪造技术快速进化，通过模仿高管、劫持社交渠道和伪造网站实施精准诈骗。攻击者采用多渠道长期策略针对企业员工、客户和合作伙伴。Doppel的实时AI平台可识别并阻止此类威胁，在损失发生前采取行动。

研究人员发现安卓恶意软件Konfety新变种利用"evil twin"技术进行广告欺诈。该恶意软件通过伪装成合法应用并共享相同包名规避检测，并采用加密APK结构、动态加载代码和虚假压缩声明等多层混淆技术增加分析难度。其滥用CaramelAds SDK获取广告并具备重定向恶意网站等功能。

Google修复了Chrome浏览器中的六个安全问题，其中包括一个已被利用的零日漏洞CVE-2025-6558。该漏洞影响ANGLE和GPU组件，可能导致沙盒逃逸。攻击者可通过恶意网页触发此漏洞以获取系统访问权限。建议用户更新至最新版本以防范威胁。

A critical security vulnerability has been discovered in Vim, the popular open-source command-line text editor, that could allow attackers to overwrite arbitrary files on users’ systems. The vulnerability, designated CVE-2025-53906, was published on July 15, 2025, and affects all versions of Vim prior to 9.1.1551. The security flaw stems from a path traversal issue within Vim’s […]

The post Command-Line Editor Vim Hit by Vulnerability Allowing File Overwrites appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

为客户提供高级网络安全服务时虚构公司/人员资质和技术能力

当前环境异常，请完成验证后继续访问。

当前环境异常，请完成验证后继续访问。

A vulnerability, which was classified as problematic, has been found in Coppermine Photo Gallery. Affected by this issue is some unknown functionality. The manipulation leads to path traversal. This vulnerability is handled as CVE-2007-4976. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

2025年7月，一场看似普通的外交会晤，却在东北亚的政治版图上掀起了滔天巨浪。金老板与俄外长谢尔盖·拉夫罗夫

在当今世界，恐怖主义威胁日益成为国际安全的一大挑战。恐怖主义不仅威胁人民的生命安全，也严重破坏国家的和平与稳定。

Когда вымогатель платит больше, чем инвестфонд — кто настоящий стартап?

Cyber espionage campaigns against Japanese companies have increased in fiscal year 2024, which runs from April 2024 to March 2025, according to a thorough analysis published by Macnica’s Security Research Center. The main objective of these campaigns is to exfiltrate sensitive data, including manufacturing blueprints, policy-related documents, and personal information. Since initiating monitoring in 2014, […]

The post Hackers Exploit Ivanti and Fortinet VPN Vulnerabilities in Attacks on Japanese Companies appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

速速围观~