Aggregator

新型恶意软件 SHUYAL 窃取19款浏览器登录信息

看雪论坛作者ID：whohh

秦始皇帝陵博物院兵马俑研究考古人员通过超景深显微镜捕捉到了 2000 多年前清晰的指纹印记，提取了指纹100多枚。研究显示兵马俑的塑造者中有未成年人。秦始皇帝陵博物院馆员李晓溪介绍，工作人员在已经修复的 40 多件陶俑身上，提取了指纹100多枚。通过对指纹进行分析比对， 获取了陶工的年龄构成， 和性别比例等信息。初步分析显示，绝大多数指纹属于成年男性，与传统认知相符，同时也发现存在少量未成年人指纹。至于在整个制作过程中 ，他们都参与了什么样的环节，存在怎样的分工差异还需要进一步分析研究。

雷神众测拥有该文章的修改和解释权。如欲转载或传播此文章，必须保证此文章的副本，包括版权声明等全部内容。声明雷神众测允许，不得任意修改或增减此文章内容，不得以任何方式将其用于商业目的。

33 фоновых процесса, 26 МБ трафика за 7 минут — и это ещё до компиляции.

一年一度的“大考”火热进行中，攻防演练期间本公众号会每日更新当天鲜活情报和热点漏洞，欢迎大家对我们进行收藏和关注！

2025.08.16 09:00 - 08:18 09:00，XCTF x SekaiCTF 2025即将开启！

北京谋智火狐信息技术有限公司（北京火狐）宣布，2025 年 5 月 8 日，Mozilla 与北京火狐达成一致，北京火狐将不再运营 Firefox 浏览器及任何与 Firefox 有关的中国大陆业务。自 2025 年 9 月 29 日晚 24:00 起，Firefox 火狐中文官方网站（firefox.com.cn）、Firefox 火狐社区网站（mozilla.com.cn）、Firefox 火狐通行证账户服务（accounts.firefox.com.cn）及 Firefox 火狐主页（home.firefoxchina.cn）将正式停止运营，所有相关功能将终止。自即日起，Firefox 火狐中文官方网站 www.firefox.com.cn 将不再提供 Firefox 浏览器相关产品的下载。中国火狐用户需要在 2025 年 9 月 29 日前将北京火狐服务器上的数据同步到本地，在这之后所有数据都将删除。Mozilla Firefox 用户不受任何影响。

Как автоматические системы превращают фото в оружие суда.

Личные признания, измены, аборты — и всё это теперь доступно каждому.

Outpost24’s threat intelligence researchers have uncovered the operations of Lionishackers, a financially motivated cyber threat actor specializing in the exfiltration and illicit sale of corporate databases. This group employs an opportunistic approach to target selection, with a notable preference for entities in Asian countries such as Thailand, Syria, and India. While primarily driven by profit, […]

The post Lionishackers Exfiltrate Sensitive Corporate Databases for Sale on the Dark Web appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability has been found in Alkacon OpenCms 10.5.3 and classified as problematic. Affected by this vulnerability is the function gallery of the component SVG Image Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2018-8815. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in OpenEMR up to 5.0.1.3. It has been classified as critical. This affects an unknown part of the file interface/super/manage_site_files.php of the component File Upload. The manipulation leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2018-15139. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in OpenEMR up to 5.0.1.3. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file portal/account/register.php. The manipulation leads to improper authentication. This vulnerability is known as CVE-2018-15152. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Online Voting System 1.0. It has been classified as critical. Affected is an unknown function of the component Password Handler. The manipulation leads to 7pk security features. This vulnerability is traded as CVE-2018-6180. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic was found in Open-AudIT Professional 2.1. Affected by this vulnerability is an unknown functionality. The manipulation of the argument Name/Description leads to cross site scripting. This vulnerability is known as CVE-2018-8903. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in OPAC EasyWeb Five 5.7. It has been declared as critical. This vulnerability affects unknown code of the file w2001/index.php?scelta=campi. The manipulation of the argument biblio as part of Parameter leads to sql injection. This vulnerability was named CVE-2018-17428. The attack can be initiated remotely. Furthermore, there is an exploit available.

Linux creator Linus Torvalds announced the release of Linux kernel version 6.16 on July 27, 2025, marking the end of what he described as a “nice and calm” development cycle. The latest stable release brings numerous performance improvements, networking enhancements, and driver fixes across multiple hardware platforms, continuing the kernel’s evolution with focused stability improvements […]

The post Linux 6.16 Released with Performance and Networking Enhancements appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Not all browser add-ons are handy helpers – some may contain far more than you have bargained for

Microsoft Threat Intelligence has uncovered a critical macOS vulnerability that enables attackers to bypass Apple’s Transparency, Consent, and Control (TCC) framework, potentially exposing sensitive user data including files protected by privacy controls and information cached by Apple Intelligence. Vulnerability Overview The newly discovered vulnerability, dubbed “Sploitlight” by Microsoft researchers, exploits Spotlight plugins to access private […]

The post New macOS Vulnerability Allows Attackers to Steal Private Files by Bypassing TCC appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.