Aggregator

长时间玩游戏并不意味着生活、情绪或心理健康出现了问题。英国牛津大学的研究人员调查了 703 名美国成年人长时间玩任天堂 Switch 游戏对幸福感的影响，这些玩家在 150 款游戏中玩了超过 140,000 小时。分析显示，游戏时长并不能预测心理健康、情绪或生活满意度。但游戏如何融入生活则与玩家的心理健康相关。

A vulnerability was found in Xerox Desktop Print Experience up to 8.4. It has been classified as critical. This affects an unknown part. The manipulation leads to improper privilege management. This vulnerability is uniquely identified as CVE-2025-1984. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in SoftEtherVPN 5.02.5187 and classified as problematic. Affected by this issue is the function UnixMemoryAlloc. The manipulation leads to memory leak. This vulnerability is handled as CVE-2025-25566. Access to the local network is required for this attack. There is no exploit available.

A vulnerability has been found in SoftEther VPN 5.02.5187 and classified as critical. Affected by this vulnerability is the function PtMakeCert/PtMakeCert2048 of the file Command.c. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2025-25565. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability, which was classified as critical, was found in dtp.ae tNexus Airport View 2.8. Affected is an unknown function of the file /tnexus/rest/admin/updateUser of the component API Endpoint. The manipulation of the argument ProfileID leads to Privilege Escalation. This vulnerability is traded as CVE-2025-25711. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in 1E Client up to 24.4/25.0/25.2. This issue affects some unknown processing of the component Nomad Module. The manipulation leads to link following. The identification of this vulnerability is CVE-2025-1683. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in plentico plenti up to 0.7.16. This vulnerability affects unknown code of the file /postLocal of the component svelte File Handler. The manipulation leads to unrestricted upload. This vulnerability was named CVE-2025-26260. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in OpenText Service Manager 9.70/9.71/9.72. This affects an unknown part. The manipulation leads to unquoted search path. This vulnerability is uniquely identified as CVE-2025-0884. The attack needs to be approached locally. There is no exploit available.

A vulnerability was found in OpenText Service Manager 9.70/9.71/9.72/9.80. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Error Message Web Page. The manipulation leads to improper neutralization of script in an error message web page. This vulnerability is handled as CVE-2025-0883. The attack may be launched remotely. There is no exploit available.

Cahokia Unit School District #187 Allegedly Falls Victim to Qilin Ransomware Attack

Брайан Кребс подтвердил арест администратора Garantex во время семейного отдыха.

A vulnerability was found in Schneider Electric EcoStruxure Panel Server. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to sensitive information in log files. This vulnerability is known as CVE-2025-2002. Attacking locally is a requirement. There is no exploit available. It is recommended to apply a patch to fix this issue.

Phishing is one of the most common and dangerous cyber threats facing organizations today. Despite growing awareness, employees often still fall victim to these attacks. Even worse, cybercriminals now have more sophisticated tools at their disposal fueled by artificial intelligence (AI). What once required a team of attackers to conduct a spear-phishing attack can [...]

The post Phishing: A Persistent Threat in the Age of AI appeared first on Hurricane Labs.

The post Phishing: A Persistent Threat in the Age of AI appeared first on Security Boulevard.

In the past, the vulnerability was exploited to drop Mirai botnet malware. Today, it's being used once more for another botnet campaign with its own malware.

微软官方宣布从 2025 年 5 月 27 日起，Microsoft Store 中的 Remote Desktop app 不再支持或提供下载。要继续访问 Windows 365、Azure Virtual Desktop 和 Microsoft Dev Box 的用户需要过渡到 Windows App。微软称 Windows App 相比 Remote Desktop app 有诸多改进，包括通过单一界面访问多项服务如 Cloud PC 和虚拟桌面；支持自定义主屏幕、多显示器和动态显示分辨率。微软称，5 月 27 日之后，通过 Microsoft Store 中的 Remote Desktop app 访问 Windows 365、Azure Virtual Desktop 和 Microsoft Dev Box 将被阻止。这一限制不适用于通过 MSI 安装的 Remote Desktop 客户端。

A vulnerability was found in Koha up to 21.11. It has been classified as critical. Affected is an unknown function of the file /serials/lateissues-export.pl. The manipulation of the argument supplierid leads to sql injection. This vulnerability is traded as CVE-2025-22954. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in XPixelGroup BasicSR up to 1.4.2 and classified as problematic. This issue affects some unknown processing of the component Environment Variable Handler. The manipulation of the argument SLURM_NODELIST leads to Local Privilege Escalation. The identification of this vulnerability is CVE-2024-27763. An attack has to be approached locally. There is no exploit available.

Rocket Stores Allegedly Falls Victim to Cactus Ransomware Attack