Aggregator

国际刑警组织在非洲开展打击网络犯罪行动，逮捕超1200人并查获近9740万美元赃款。安哥拉关闭非法加密货币矿场，赞比亚破获大型投资诈骗案。技术快速发展为网络犯罪提供机会，西非成新热点。尼日利亚判处九名中国人参与诈骗。

微软确认8月安全更新导致部分Windows 10/11系统中NDI流媒体软件出现严重延迟和卡顿问题，影响OBS等应用。微软建议用户将NDI接收模式改为TCP或UDP以缓解问题。

A vulnerability classified as critical was found in Spacious Plugin up to 1.9.11 on WordPress. The impacted element is the function welcome_notice_import_handler of the component Demo Data Import. Such manipulation leads to missing authorization. This vulnerability is referenced as CVE-2025-9331. It is possible to launch the attack remotely. No exploit is available.

eCapture是一款基于eBPF技术的高级网络工具，专注于SSL/TLS协议的明文数据捕获与解密。它支持多协议、跨平台和多种捕获模式，并提供智能数据捕获、主密钥自动化捕获等功能。自2022年发布以来，累计获得1.4万颗星，在网络调试和安全分析领域具有重要地位。

eCapture v1.0.0 是一款功能强大、技术先进的网络工具，凭借其多协议支持、智能数据捕获、跨平台兼容性和高性能，成为开发者和安全研究人员的得力助手。通过三年的不断开发和优化，eCapture 在网络调试和安全分析领域树立了良好的口碑。

休斯顿居民李某因故意在雇主电脑系统中植入恶意代码被判四年监禁，并面临三年监督释放。其行为导致系统崩溃、用户无法登录，并造成重大损失。

A vulnerability was found in TOTVS Portal Meu RH up to 12.1.17. It has been declared as problematic. Impacted is an unknown function of the component Password Reset Handler. Executing manipulation of the argument redirectUrl can lead to open redirect. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability appears as CVE-2025-9193. The attack may be performed from a remote location. In addition, an exploit is available. It is recommended to upgrade the affected component. The vendor explains, that "[o]ur internal validation (...) confirms that the reported behavior does not exist in currently supported releases. In these tests, the redirectUrl parameter is ignored, and no malicious redirection occurs."

A vulnerability, which was classified as problematic, was found in Mozilla Firefox up to 124. Affected by this vulnerability is an unknown functionality of the component xrm-ms File Handler. Executing manipulation can lead to an unknown weakness. This vulnerability is registered as CVE-2024-3863. It is possible to launch the attack remotely. No exploit is available. You should upgrade the affected component.

A vulnerability classified as critical has been found in N-able N-central up to 2024.6.16. Impacted is an unknown function of the component Configuration Handler. The manipulation leads to improper access controls. This vulnerability is listed as CVE-2025-7051. The attack may be initiated remotely. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability marked as critical has been reported in Apple visionOS. This impacts an unknown function of the component File Handler. This manipulation causes memory corruption. This vulnerability is tracked as CVE-2025-31281. The attack is possible to be carried out remotely. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability described as critical has been identified in Apple iOS and iPadOS. Affected is an unknown function of the component File Handler. Such manipulation leads to memory corruption. This vulnerability is listed as CVE-2025-31281. The attack may be performed from a remote location. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability, which was classified as very critical, was found in Weidmueller IE-SW-VL05M-5TX, IE-SW-VL05MT-5TX, IE-SW-VL08MT-8TX, IE-SW-VL08MT-5TX-1SC-2SCS, IE-SW-VL08MT-6TX-2SC, IE-SW-VL08MT-6TX-2ST, IE-SW-VL08MT-6TX-2SCS, IE-SW-PL10M-3GT-7TX, IE-SW-PL10MT-3GT-7TX, IE-SW-PL16M-16TX, IE-SW-PL16MT-16TX, IE-SW-PL18M-2GC-16TX and IE-SW-PL18MT-2GC-16TX. Affected by this vulnerability is an unknown functionality. Executing manipulation can lead to reliance on security through obscurity. The identification of this vulnerability is CVE-2025-41652. The attack may be launched remotely. There is no exploit available. You should upgrade the affected component.

A vulnerability classified as critical was found in WP Crontrol Plugin up to 1.19.1 on WordPress. This issue affects the function wp_remote_request. The manipulation results in server-side request forgery. This vulnerability is identified as CVE-2025-8678. The attack can be executed remotely. There is not any exploit available.

A vulnerability described as problematic has been identified in Danfoss AK-SM8xxA up to 4.3.0. Impacted is an unknown function of the component Web Interface Configuration Setting. The manipulation results in external control of system or configuration setting. This vulnerability was named CVE-2025-41452. The attack may be performed from a remote location. There is no available exploit. Upgrading the affected component is recommended.

Zr.Ms. Friesland heeft weer een grote partij drugs onderschept in het Caribisch gebied Dat gebeurde bij acties op 11 juli en 2 augustus. De vangsten waren goed voor bijna 5.800 kilo marihuana. Dat is vandaag bekendgemaakt.

A vulnerability classified as problematic has been found in Liferay Portal and DXP. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2025-43748. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability was found in Dell iDRAC Service Module up to 6.0.3.0. It has been rated as critical. This affects an unknown part. This manipulation causes buffer access with incorrect length value. This vulnerability is handled as CVE-2025-38743. It is possible to launch the attack on the local host. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability was found in Liferay Portal and DXP. It has been rated as critical. Affected by this issue is some unknown functionality of the component Workflow. This manipulation causes incorrect authorization. This vulnerability is handled as CVE-2024-38002. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability was found in An-Themes Pin WP Plugin up to 6.9 on WordPress. It has been classified as critical. This affects an unknown function. Performing manipulation results in unrestricted upload. This vulnerability is known as CVE-2025-53251. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability was found in Dell iDRAC Service Module up to 6.0.3.0. It has been declared as problematic. Affected by this issue is some unknown functionality. The manipulation results in incorrect permission assignment. This vulnerability is known as CVE-2025-38742. Attacking locally is a requirement. No exploit is available. It is recommended to upgrade the affected component.