Aggregator

看雪论坛作者ID：TeddyBe4r

Science Robotics рассказал о самых маленьких машинах в мире.

检测业务是否受到此漏洞影响，请联系长亭应急服务团队！

PS: 文字版内容请等待本周五即将发布的文章

美国政府探索“先发制人式”打击外国黑客能力的创新方式

全环节全周期防护

Check Point has detected thousands of phishing emails in the past fortnight, offering fake promotions and special deals

Hackers tied to ShinyHunters extort PornHub after stealing search and viewing history of Premium users in a Mixpanel data breach. PornHub faces extortion after hackers linked to ShinyHunters allegedly stole search and viewing history of Premium users via a Mixpanel data breach. Mixpanel is a product analytics platform that companies use to understand how people interact […]

Apache Causeway 是 Apache 基金会开源的 Java 企业级领域建模框架，基于 Spring Boot 架构，能够为实体类、领域服务和 ViewModel 自动生成 Web 界面与 API 接口，广泛应用于企业级管理系统的构建。 在受影响的版本中，框架在处理 ViewModel 的书签（bookmark）与 URL 片段时存在严重的安全缺陷：**系统将客户端可控的内容直接作为

Отчёты о найденных в даркнете данных уйдут в прошлое — Google назвал даты.

If you’ve ever looked at a SOC queue and thought, “Where do we even start?” you’re not alone.  Most teams face more alerts than they can realistically investigate, tools that don’t always connect, and investigations that take longer than they should.  In a recent webinar, we shared a simple framework for speeding up detection and response without overloading teams. You can watch the full […]

The post SOC Leader’s Playbook: 3 Practical Steps to Faster MTTR  appeared first on ANY.RUN's Cybersecurity Blog.

3月，我们杭州见～

再次回看传统Web内存马时的理解与思考

Some tips on good diagram drafting and pitfalls to avoid when trying to understand a system in order to secure it.

A vulnerability labeled as problematic has been found in Yoav Farhi RTL Tester Plugin up to 1.2 on WordPress. This affects an unknown function. The manipulation results in cross-site request forgery. This vulnerability is identified as CVE-2025-64239. The attack can be executed remotely. There is not any exploit available.

A vulnerability identified as problematic has been detected in Astoundify Listify Plugin up to 3.2.5 on WordPress. The impacted element is an unknown function. The manipulation leads to cross-site request forgery. This vulnerability is referenced as CVE-2025-59009. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability categorized as problematic has been discovered in Freshchat Plugin up to 2.3.4 on WordPress. The affected element is an unknown function. Executing manipulation can lead to cross-site request forgery. The identification of this vulnerability is CVE-2025-64240. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Meks Quick Plugin Disabler up to 1.0 on WordPress. It has been rated as problematic. Impacted is an unknown function. Performing manipulation results in cross-site request forgery. This vulnerability was named CVE-2025-68083. The attack may be initiated remotely. There is no available exploit.