Aggregator

关键词🔒 一、Coinbase数据泄露余波事件升级泄露规模：确认69,461名用户敏感信息被盗，含住址、证件

关键词黑客🔓 奢侈品官网被入侵，客户隐私遭泄露！

关键词漏洞近日，新疆吐鲁番市高昌区公安局成功侦破一起破坏计算机信息系统案，这起案件不仅涉及未经检测的车用气瓶违

A vulnerability classified as problematic has been found in IDnow App up to 9.6.0 on Android. This affects an unknown part of the file AndroidManifest.xml of the component de.idnow. The manipulation leads to improper export of android application components. This vulnerability is uniquely identified as CVE-2025-7892. Local access is required to approach this attack. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #615292 / VDB-317008

A vulnerability was found in InstantBits Web Video Cast App up to 5.12.4 on Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.instantbits.cast.webvideo. The manipulation leads to improper export of android application components. This vulnerability is handled as CVE-2025-7891. An attack has to be approached locally. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #615279 / VDB-317007

什么是ESP工具,chat gpt回答的：下方是静界PUBG ESP工具使用教程，r0级别的驱动读取内存+隐蔽

A vulnerability was found in Dunamu StockPlus App up to 7.62.10 on Android. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.dunamu.stockplus. The manipulation leads to improper export of android application components. This vulnerability is known as CVE-2025-7890. The attack needs to be approached locally. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in CallApp Caller ID App up to 2.0.4 on Android. It has been classified as problematic. Affected is an unknown function of the file AndroidManifest.xml of the component caller.id.phone.number.block. The manipulation leads to improper export of android application components. This vulnerability is traded as CVE-2025-7889. It is possible to launch the attack on the local host. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #615271 / VDB-317006

A vulnerability was found in TDuckCloud tduck-platform 5.1 and classified as critical. This issue affects the function UserFormDataMapper of the file src/main/java/com/tduck/cloud/form/mapper/UserFormDataMapper.java. The manipulation of the argument formKey leads to sql injection. The identification of this vulnerability is CVE-2025-7888. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #615270 / VDB-317005

Submit #615250 / VDB-317004

Submit #615210 / VDB-317003

A sophisticated phishing campaign targeting organizations has emerged, exploiting the trusted reputation of Veeam Software through weaponized WAV audio files delivered via email. The attack represents an evolution in social engineering tactics, combining traditional phishing techniques with audio-based deception to bypass conventional security measures and user awareness training. The malicious campaign begins with seemingly legitimate […]

The post New Veeam Themed Phishing Attack Using Weaponized Wav File to Attack users appeared first on Cyber Security News.

Unitree G1 стал интернет-сенсацией благодаря человеческим движениям и расслабленному стилю.

看雪论坛作者ID：SGSGsama

快来预约直播~

当前环境出现异常状态，需完成验证后方可继续访问系统。