Aggregator
White-hat hackers at Pwn2Own pass the million-dollar prize mark for the fourth consecutive time
10 months ago
The next Pwn2Own event is scheduled for January 22, 2025, in Tokyo, Japan.
Nokia investigates after a hacker claims to have stolen its source code
10 months ago
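Recently, malicious actors have leaked data belonging to many companies, including T-Mobile, AMD and Apple, that was stolen from third-party SaaS vendors.
Star banners shine over Shule, cloud formations rise over Qilian: a walking travelogue of Datong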
10 months ago
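Matrix homepage pick. Matrix is the writing community of 少数派 (SSPAI); we advocate sharing genuine product experiences and practically useful experience and reflection. From time to time we select the best Matrix articles to showcase the most authentic experiences and opinions from users. The article represents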
Play
10 months ago
cohenido
Google has received more than ten billion DMCA takedown requests
10 months ago
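To date, Google has received more than ten billion DMCA takedown requests, in which copyright holders ask for URLs believed to infringe copyright to be removed from search results. When Google first disclosed DMCA takedown requests, it was processing only a few million requests a year; this figure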
Winos 4.0 Malware Infects Gamers Through Malicious Game Optimization Apps
10 months ago
Cybersecurity researchers are warning that a command-and-control (C&C) framework called Winos is being distributed within gaming-related applications like installation tools, speed boosters, and optimization utilities.
"Winos 4.0 is an advanced malicious framework that offers comprehensive functionality, a stable architecture, and efficient control over numerous online endpoints to execute
The Hacker News
CVE-2015-2876 | Seagate Storage up to 3.4.1.104 File Upload /media/sda2 unrestricted upload (VU#903500)
10 months ago
A vulnerability was found in Seagate Storage up to 3.4.1.104. It has been classified as critical. This affects an unknown part of the file /media/sda2 of the component File Upload. The manipulation leads to unrestricted upload.
This vulnerability is uniquely identified as CVE-2015-2876. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
The unsinkable botnet: Ngioweb has kept the world in fear for 7 years
10 months ago
How do ordinary IoT devices become puppets in hackers' games?
Google Cloud to Enforce Multi-Factor Authentication by 2025 for All Users
10 months ago
Cloud Security / Phishing Protection
Google's cloud division has announced that it will enforce man
Holiday Shopping Readiness: How is Retail Data Security Holding Up?
10 months ago
Holiday Shopping Readiness: H
Massive Nigerian Cybercrime Bust Sees 130 Arrested
10 months ago
The Nigerian police have arrested 113 foreign individuals and their 17 Nigerian collaborators for their alleged involvement in high-level cybercrimes
Reading arbitrary files via Jenkins' CLI: CVE-2024-23897 explained
10 months ago
In January 2024, Sonar’s Vulnerability Research identified a new vulnerability in Jenkins that could allow an attacker to read the first few lines of arbitrary files on servers…
CVE-2024-30052: how dump files can open the door to hackers in Visual Studio
10 months ago
The article examines the recently identified vulnerability CVE-2024-30052, which allows attackers to use dump files to run malicious code through Visual Studio. The research covers how the issue was discovered, the vulnerable mechanisms of embedded PDBs, and the details of successful exploitation, underscoring the importance of attention to security even in familiar developer tools.
How Playing Cyber Games Can Help You Get Hired
10 months ago
When it comes to landing a job in cybersecurity, what does it take to stand out from the pack? Try playing games.
Jennifer Lawinski, Contributing Writer
Rails Without Derails: Thwarting Code Injection Attacks
10 months ago
Sam Tinklenberg, Maxim Zavodchik & Aparna Mandal
CVE-2024-10020 | Heateor Social Login Plugin up to 1.1.35 on WordPress improper authentication
10 months ago
A vulnerability has been found in Heateor Social Login Plugin up to 1.1.35 on WordPress and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper authentication.
This vulnerability is known as CVE-2024-10020. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-10535 | Video Gallery for WooCommerce Plugin up to 1.31 on WordPress authorization
10 months ago
A vulnerability was found in Video Gallery for WooCommerce Plugin up to 1.31 on WordPress and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to missing authorization.
This vulnerability is handled as CVE-2024-10535. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-6626 | EleForms Plugin up to 2.9.9.9 on WordPress authorization
10 months ago
A vulnerability was found in EleForms Plugin up to 2.9.9.9 on WordPress. It has been classified as critical. This affects an unknown part. The manipulation leads to missing authorization.
This vulnerability is uniquely identified as CVE-2024-6626. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com