Aggregator

A vulnerability, which was classified as critical, has been found in TESI Gandia Integra Total. The impacted element is an unknown function of the file /encuestas/integraweb[_v4]/integra/html/view/consultacuotasred.php. Performing manipulation of the argument idestudio results in sql injection. This vulnerability is identified as CVE-2025-41376. The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.

В популярном почтовом сервере нашли четыре критические уязвимости.

A Chinese APT group compromised a Philippine military company using a new, fileless malware framework called EggStreme. This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious code directly into memory and leveraging DLL sideloading to execute payloads. The core component, EggStremeAgent, is a full-featured backdoor that enables extensive system reconnaissance, lateral movement, and data […]

The post EggStreme Malware Emerges With Fileless Techniques and DLL Sideloading Payloads appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Ни шума, ни экипажа — только цель.

Военные стали испытательным полигоном китайского бэкдора.

关键词数据泄露网络安全研究人员近日发现，一家知名生成式 AI 开发商的服务器未加保护，导致用户隐私数据实时泄露

关键词Facebook近日，安全研究人员发现一场针对 Facebook 用户的精心策划的恶意广告活动。

关键词网络攻击网络安全研究人员近日披露了两种新出现的恶意软件，分别是针对 macOS 的后门 CHILLYHE

关键词安全漏洞此次微软的安全更新规模很大，共修复了 80 个漏洞，涵盖 Windows、Azure 及相关组件

An out-of-the-box setting in Cursor, a popular AI source-code editor, could be leveraged by attackers to covertly run malicious code on users’ computers, researchers have warned. An exploitable vulnerability in the Cursor AI editor Cursor is an AI-augmented fork of Visual Studio Code (VS Code), a code editor developed by Microsoft. VS Code’s Workspace Trust feature is enabled by default, ensuring that when users browse code repositories, no (potentially malicious) code can run automatically in … More →

The post Default Cursor setting can be exploited to run malicious code on developers’ machines appeared first on Help Net Security.

Kosovo man Liridon Masurica pleaded guilty to running the cybercrime marketplace BlackDB. He was arrested in 2024. Kosovo citizen Liridon Masurica (33) of Gjilan, aka @blackdb, pleaded guilty to running the BlackDB cybercrime market. Kosovo police arrested Masurica on December 12, 2024 and he was extradited to the US. The online criminal marketplace BlackDB.cc has […]

今年 2 月 Netflix 发布了一部饱受诟病的科幻片《The Electric State》，由明星 Chris Pratt 以及《怪奇物语》十一的扮演者 Millie Bobby Brown 主演。这部电影本应该很快被人遗忘，如果不是它的制作成本高达 3.2 亿美元的话。3.2 亿美元给 Netflix 带来了 Metacritic 综合评分 30/100，烂番茄综合评分 14%。为了填满其内容库，Netflix 投资制作了一系列低质量原创电影，它虽然也制作过一些高质量电影如《爱尔兰人》，但在影评网站如 IMDb、Letterboxd 和 TMDB 上，Netflix 电影的综合评分远低于院线电影。Netflix 曾与知名导演 Martin Scorsese、Alfonso Cuarón 和 Bradley Cooper 合作过，但大部分项目都是一次性的，知名导演很少会再次合作。今天很多导演拒绝与 Netflix 合作，即使 Netflix 提供更多的预算。《Weapons》的导演 Zach Cregger 拒绝了 Netflix 开出的 5000 万美元预算，而是选择了华纳兄弟的 3700 万美元预算和院线上映保证。Netflix 为 Emerald Fennell 和 Margot Robbie 改编自《呼啸山庄》的电影开出了 1.5 亿美元，但他们仍然选择了华纳兄弟的 8000 万美元预算和院线上映保证。

Литий-ионные батареи уже отжили свой век? На смену приходит новый катализатор.

Threat actors affiliated with the Akira ransomware group have continued to target SonicWall devices for initial access. Cybersecurity firm Rapid7 said it observed a spike in intrusions involving SonicWall appliances over the past month, particularly following reports about renewed Akira ransomware activity since late July 2025. SonicWall subsequently revealed the SSL VPN activity aimed at its

CISOs know their field. They understand the threat landscape. They understand how to build a strong and cost-effective security stack. They understand how to staff out their organization. They understand the intricacies of compliance. They understand what it takes to reduce risk. Yet one question comes up again and again in our conversations with these security leaders: how do I make the impact

Compromised data includes personal data such as patients’ full names, ages, phone numbers and email addresses

好在黑客获利不足1000美元

被泄露的数据类型尚不得知

A previously dormant macOS threat, ChillyHell, is reviving. Read how this malware can bypass security checks, remain hidden,…

Cursor пожертвовал безопасностью миллиона пользователей ради удобства нейросети.