Aggregator

Kill

Dark Feed IO
3 weeks 6 days ago

You must login to view this content

cohenido

CVE-2025-10472 | harry0703 MoneyPrinterTurbo up to 1.2.6 URL video.py download_video/stream_video file_path path traversal

VulDB Recent Entries
3 weeks 6 days ago
A vulnerability, which was classified as critical, has been found in harry0703 MoneyPrinterTurbo up to 1.2.6. The impacted element is the function download_video/stream_video of the file app/controllers/v1/video.py of the component URL Handler. The manipulation of the argument file_path leads to path traversal. This vulnerability is documented as CVE-2025-10472. The attack can be initiated remotely. Additionally, an exploit exists.
vuldb.com

Hackers using generative AI “ChatGPT” to evade anti-virus defenses

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
3 weeks 6 days ago

The Kimsuky APT group has begun leveraging generative AI ChatGPT to craft deepfake South Korean military agency ID cards. Phishing lures deliver batch files and AutoIt scripts designed to evade anti-virus scanning through sophisticated obfuscation. Organizations must deploy endpoint detection and response (EDR) solutions to unmask hidden scripts and secure endpoints. On July 17, 2025, […]

The post Hackers using generative AI “ChatGPT” to evade anti-virus defenses appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

CVE-2025-41713 | WAGO Devices Configuration insecure default initialization of resource (VDE-2025-083 / EUVD-2025-29160)

VulDB Recent Entries
3 weeks 6 days ago
A vulnerability classified as problematic was found in WAGO Devices. The affected element is an unknown function of the component Configuration Handler. Executing manipulation can lead to insecure default initialization of resource. This vulnerability is registered as CVE-2025-41713. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.
vuldb.com

CVE-2025-10471 | ZKEACMS 4.3 MediaController.cs Proxy url server-side request forgery

VulDB Recent Entries
3 weeks 6 days ago
A vulnerability classified as critical has been found in ZKEACMS 4.3. Impacted is the function Proxy of the file src/ZKEACMS/Controllers/MediaController.cs. Performing manipulation of the argument url results in server-side request forgery. This vulnerability is cataloged as CVE-2025-10471. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

IBM QRadar SIEM Vulnerability Let Attackers Perform Unauthorized Actions

Cyber Security News
3 weeks 6 days ago

A critical permission misconfiguration in the IBM QRadar Security Information and Event Management (SIEM) platform could allow local privileged users to manipulate configuration files without authorization.  Tracked as CVE-2025-0164, the flaw stems from improper permission assignment and carries a CVSS 3.1 base score of 2.3 (AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N). Key Takeaways1. CVE-2025-0164 in QRadar SIEM v7.5–7.5.0 UP13 IF01 lets privileged […]

The post IBM QRadar SIEM Vulnerability Let Attackers Perform Unauthorized Actions appeared first on Cyber Security News.

Florence Nightingale

全球人口正以更快的速度收缩

Solidot
3 weeks 6 days ago
伊斯坦布尔妇产科医生 Furkan Kayabasoglu 过去经常会为同一个家庭多次接生,如今绝大部分家庭只生一胎。去年土耳其的总和生育率低至 1.48,已经远低于 2.1 的人口更替率。而联合国人口司此前预测土耳其要到 2100 年总和生育率才会到达如此低的水平。土耳其并非例外。世界各地,从发展中国家到中等收入国家到发达国家,生育率的下降幅度都远超预期。哥伦比亚首都波哥大的总和生育率只有 0.91,甚至低于日本东京。印度的总和生育率已低于人口更替率,中国的人口已经开始萎缩。墨西哥的总和生育率为1.6,与美国相当。2024 年法国出生人口数低于 1806 年,而当时人口不到今天的一半。意大利出生人数创下了 1861 年统一以来的最低水平。非洲出生率仍然远高于全球平均水平,但其下降速度也远超预期。这一切意味着世界人口可能比专家预测的更早达到峰值,且峰值水平要低得多。世界人口可能到 2050 年代就会停止增长,而不是原来预测的 2084 年,且总数不会超过 90 亿。生育率下降的可能因素包括了女性受教育程度提高、城市化、避孕普及、养育成本急剧上升以及社会观念的转变等。

Managed ad