Ваш телефон только что оплатил кофе. Но не вам. И ваш антивирус даже не заметил, как это произошло
Что такое RelayNFC и почему эта схема опаснее обычного скимминга?
Aggregator
Thailand bans World iris scans, orders company to delete data
3 weeks 4 days ago
Data regulators in Thailand said they are blocking the Sam Altman-founded company Tools for Humanity from collecting iris scans in exchange for cryptocurrency payments.
科学家可能首次观察到了暗物质
3 weeks 4 days ago
科学家可能首次观察到了“看不见”的暗物质。日本东京大学研究团队利用 NASA 费米伽马射线望远镜的最新观测数据探测到了与假想的“弱相互作用大质量粒子(WIMP)”碰撞湮灭时所预测的高能光子。科学家怀疑暗物质由 WIMP 构成。这些粒子被认为比质子重,与普通物质极少相互作用。理论预测,当两个 WIMP 粒子碰撞时,它们会相互湮灭并释放出包括伽马射线光子在内的高能粒子。东京大学的 Tomonori Totani 教授报告探测到了与理论预测结果相符的 20 GeV 伽马射线光晕。研究报告本周发表在《Journal of Cosmology and Astroparticle Physic》期刊上,预印本 7 月发表在 arXiv 上。
DragonForce
3 weeks 4 days ago
You must login to view this content
cohenido
CVE-2025-50399 | FAST FAC1200R F400_FAC1200R_Q sub_80435780 Password buffer overflow
3 weeks 4 days ago
A vulnerability was found in FAST FAC1200R F400_FAC1200R_Q. It has been declared as critical. This issue affects the function sub_80435780. The manipulation of the argument Password results in buffer overflow.
This vulnerability is reported as CVE-2025-50399. The attack can be launched remotely. No exploit exists.
vuldb.com
CVE-2025-56396 | y_project RuoYi 4.8.1 privilege escalation
3 weeks 4 days ago
A vulnerability was found in y_project RuoYi 4.8.1. It has been classified as critical. This vulnerability affects unknown code. The manipulation leads to privilege escalation.
This vulnerability is documented as CVE-2025-56396. The attack can be initiated remotely. There is not any exploit available.
vuldb.com
CVE-2025-46174 | y_project RuoYi 4.8.0 SysUserController.java resetPwd access control
3 weeks 4 days ago
A vulnerability was found in y_project RuoYi 4.8.0 and classified as critical. This affects the function resetPwd of the file SysUserController.java. Executing manipulation can lead to improper access controls.
This vulnerability is registered as CVE-2025-46174. It is possible to launch the attack remotely. No exploit is available.
vuldb.com
CVE-2025-50402 | FAST FAC1200R F400_FAC1200R_Q sub_80435780 fac_password buffer overflow
3 weeks 4 days ago
A vulnerability has been found in FAST FAC1200R F400_FAC1200R_Q and classified as critical. Affected by this issue is the function sub_80435780. Performing manipulation of the argument fac_password results in buffer overflow.
This vulnerability is cataloged as CVE-2025-50402. The attack must originate from the local network. There is no exploit available.
vuldb.com
CVE-2025-62354 | cursor up to 1.x os command injection
3 weeks 4 days ago
A vulnerability, which was classified as critical, was found in cursor up to 1.x. Affected by this vulnerability is an unknown functionality. Such manipulation leads to os command injection.
This vulnerability is listed as CVE-2025-62354. The attack may be performed from remote. There is no available exploit.
You should upgrade the affected component.
vuldb.com
CVE-2025-45311 | fail2ban-client 0.11.2 permission
3 weeks 4 days ago
A vulnerability, which was classified as critical, has been found in fail2ban-client 0.11.2. Affected is an unknown function. This manipulation causes permission issues.
This vulnerability is tracked as CVE-2025-45311. The attack is only possible within the local network. No exploit exists.
vuldb.com
Play
3 weeks 4 days ago
You must login to view this content
cohenido
Cyber-Attack Disrupts OnSolve CodeRED Emergency Notification System
3 weeks 4 days ago
A cyber-attack claimed to be the resposibility of INC Ransom group and targeting the OnSolve CodeRED platform has disrupted emergency notification and exposed user data across the US
Microsoft Teams Flaw in Guest Chat Exposes Users to Malware Attacks
3 weeks 4 days ago
New research from Ontinue exposes a major security flaw in Microsoft Teams B2B Guest Access. Learn how attackers bypass all Defender for Office 365 protections with a single invite.
Deeba Ahmed
Akira
3 weeks 4 days ago
You must login to view this content
cohenido
Akira
3 weeks 4 days ago
You must login to view this content
cohenido
Russian-Backed Threat Group Uses SocGholish to Target U.S. Company
3 weeks 4 days ago
The Russian state-sponsored group behind the RomCom malware family used the SocGholish loader for the first time to launch an attack on a U.S.-based civil engineering firm, continuing its targeting of organizations that offer support to Ukraine in its ongoing war with its larger neighbor.
The post Russian-Backed Threat Group Uses SocGholish to Target U.S. Company appeared first on Security Boulevard.
Jeffrey Burt
Rhysida
3 weeks 4 days ago
You must login to view this content
cohenido
黄慕兰自传
3 weeks 4 days ago
黄慕兰曾与众多党史上有名的情报系统工作人员共事过,在周恩来直接领导下工作过,算是红色女特工。
'Dark LLMs' Aid Petty Criminals, But Underwhelm Technically
3 weeks 4 days ago
As in the wider world, AI is not quite living up to the hype in the cyber underground. But it's definitely helping low-level cybercriminals do competent work.
Nate Nelson, Contributing Writer
Не можешь победить — присоединяйся: Warner Music предоставит Suno AI полный доступ к своему каталогу музыки
3 weeks 4 days ago
Компания отозвала судебный иск и заключила с сервисом лицензионное соглашение.