Aggregator

A vulnerability was found in HPE AutoPass License Server up to 9.17. It has been classified as critical. This affects an unknown part. The manipulation leads to improper authentication. This vulnerability is uniquely identified as CVE-2025-37106. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in HPE AutoPass License Server up to 9.17. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to improper authentication. This vulnerability was named CVE-2025-37107. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in HPE AutoPass License Server. This issue affects some unknown processing. The manipulation leads to improper authentication. The identification of this vulnerability is CVE-2024-51767. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in HPE AutoPass License Server. Affected is an unknown function. The manipulation leads to sql injection. This vulnerability is traded as CVE-2024-51769. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in HPE AutoPass License Server and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to xml external entity reference. This vulnerability is known as CVE-2024-51770. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Спецслужбы пяти стран объединились против наследников легендарного преступного синдиката.

今日暂未更新资讯~
更多最新文章，请访问SecWiki

Wayback 项目释出了 v0.1 版本。Wayland 是目前主流的显示服务器，它正在取代 X.org X11 server，后者目前处于维护模式，不再继续开发。虽然 Wayland 取得了长足进步，但仍然有很多基于 X11 的窗口管理器和桌面环境不支持 Wayland。Wayback 项目就是旨在解决这一问题，允许用户在 Wayland 上运行旧的 X11 桌面环境，它有望成为 X.org 的一个更简单更直接的替代，减轻 Linux 发行版的维护负担。v0.1 的版本号意味着它处于 alpha 状态，功能远不完整，有很多功能尚未实现或正在开发中，如多显示器支持。

Wiz Research has uncovered an active cryptomining campaign, dubbed Soco404, that exploits misconfigurations in PostgreSQL databases and other cloud services to deploy platform-specific malware on both Linux and Windows systems. This operation, part of a broader crypto-scam infrastructure, leverages opportunistic scanning for exposed services, abusing features like PostgreSQL’s COPY FROM PROGRAM for remote code execution […]

The post Beware of Fake Error Pages Deploying Platform-Specific Malware on Linux and Windows Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Наука создала первую батарейку из вечности.

AMD CEO 苏姿丰表示，台积电美国工厂制造的芯片会比台湾工厂贵 5%-20%，预计今年年底台积电亚利桑那州工厂会为 AMD 生产芯片。她表示额外的支出是值得的，有助于实现芯片供应的多元化。她称新冠疫情期间得到的教训促使他们关注供应链的弹性。苏姿丰认为 AI 芯片的供应将会持续保持高位。英伟达是最主要的 AI 芯片供应商，而 AMD 是英伟达最接近的竞争对手。

AhnLab’s Threat Intelligence Platform (TIP) has been instrumental in monitoring ransomware activities across dark web forums and marketplaces. Through its Live View > Dark Web Watch feature, security teams can track active groups, their collaborations, and emerging attack vectors, allowing organizations to preemptively bolster defenses. During the first half of 2025, a surge in new […]

The post New Gunra Ransomware Targets Windows Systems, Encrypts Files, and Erases Shadow Copies appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Это уже третий случай заражения игр на платформе за полгода.

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) sanctioned a North Korean front company and three associated individuals for their involvement in the fraudulent remote information technology (IT) worker scheme designed to generate illicit revenues for Pyongyang. The sanctions target Korea Sobaeksu Trading Company (aka Sobaeksu United Corporation), and Kim Se Un, Jo

The announcement comes as an Arizona woman was sentenced to more than eight years in jail for her role in running a laptop farm.

The post US offers $15 million reward for info on North Korean nationals involved in global criminal network appeared first on CyberScoop.

CloudSEK’s TRIAD team uncovered an active development site deploying Clickfix-themed malware linked to the Epsilon Red ransomware. This variant deviates from traditional clipboard-based command injection tactics by directing victims to a secondary page on the same domain, where malicious shell commands are executed silently through ActiveXObject(“WScript.Shell”) to facilitate payload delivery. The script leverages Windows Command […]

The post Hackers Use Weaponized .HTA Files to Infect Victims with Red Ransomware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Cisco ConfD. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component CLI. The manipulation leads to os command injection. This vulnerability is known as CVE-2024-20326. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Fortinet FortiSIEM up to 7.2.5 and classified as problematic. This vulnerability affects unknown code of the component HTTP Request Handler. The manipulation leads to incorrect authorization. This vulnerability was named CVE-2024-55592. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in CADImage Plugin on IrfanView. Affected is an unknown function of the component DXF File Parser. The manipulation leads to out-of-bounds write. This vulnerability is traded as CVE-2025-7235. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in CADImage Plugin on IrfanView and classified as critical. This vulnerability affects unknown code of the component DWG File Parser. The manipulation leads to memory corruption. This vulnerability was named CVE-2025-7239. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.