Aggregator

ИИ прочтёт ваши чаты и расскажет, о чём вы там болтали.

A vulnerability classified as critical has been found in Trellix System Information Reporter 1.0.3. Affected is an unknown function. The manipulation leads to link following. This vulnerability is traded as CVE-2025-3771. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability was found in Trellix System Information Reporter 1.0.3. It has been rated as problematic. This issue affects some unknown processing of the component Registry Backup Folder. The manipulation leads to exposure of backup file to an unauthorized control sphere. The identification of this vulnerability is CVE-2025-3773. Attacking locally is a requirement. There is no exploit available.

A vulnerability was found in Trellix System Information Reporter up to 1.0.3. It has been declared as critical. This vulnerability affects unknown code of the component ePO POST Request Handler. The manipulation leads to path traversal. This vulnerability was named CVE-2025-3722. The attack can be initiated remotely. There is no exploit available.

Cybercriminals are increasingly leveraging large language models (LLMs) to amplify their hacking operations, utilizing both uncensored versions of these AI systems and custom-built criminal variants. LLMs, known for their ability to generate human-like text, write code, and solve complex problems, have become integral to various industries. However, their potential for misuse is evident as malicious […]

The post Cybercriminals Exploit LLM Models to Enhance Hacking Activities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

荷兰公司 Fairphone 推出了最新的模块化手机 Fairphone 6。Fairphone 6 硬件规格：6.31 英寸 120Hz LTPO OLED 显示屏，Snapdragon 7s Gen 3 芯片，12 个可更换零部件，售价 600 欧元。可更换零部件数量与上一代相同，包括了显示屏、电池、摄像头、USB-C 端口、扬声器、甚至主板。由于可更换需求，它的防护等级仅为 IP55，它获得了欧盟 A 级可修复性和耐用性认证。除了模块化设计，Fairphone 6 软件支持长达八年，一直支持到 2033 年。

A vulnerability was found in Mozilla neqo up to 0.13.2. It has been classified as problematic. This affects an unknown part. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2025-6703. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Canonical cloud-init up to 25.1.2 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2024-6174. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Canonical cloud-init up to 25.1.2 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to permission issues. This vulnerability is known as CVE-2024-11584. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

Группировка выиграла в лотерею юрисдикций.

Hewlett Packard Enterprise (HPE) has issued a critical security bulletin warning customers of a significant vulnerability in its OneView for VMware vCenter (OV4VC) software. The flaw, tracked as CVE-2025-37101, could allow attackers with only read-only privileges to escalate their access and perform administrative actions, putting enterprise IT environments at risk. Vulnerability Overview The vulnerability, detailed […]

The post HPE OneView for VMware vCenter Vulnerability Allows Elevated Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

关键词网络攻击法国警方近日突袭抓获了运营全球最大盗数据交易平台之一 BreachForum 的五名黑客。

关键词软件最近这是怎么了？“炒股，短视频，购物”三大平台相继“崩溃”，先是同花顺APP崩了；隔天就是抖音，淘宝相继也挂了，首页打不开、搜索无响应，登上微博热搜。

SaaS Adoption is Skyrocketing, Resilience Hasn’t Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn’t. These platforms weren’t built with full-scale data

Check Point Research has uncovered a renewed global spear-phishing campaign orchestrated by the Iranian threat actor Educated Manticore, also known as APT42, Charming Kitten, and Mint Sandstorm. Linked to the IRGC Intelligence Organization, this group has intensified its operations amid growing Iran-Israel tensions, targeting high-value individuals with meticulously crafted attacks. The campaign, which has seen […]

The post Iranian Spear-Phishing Attack Impersonates Google, Outlook, and Yahoo Domains appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The ClickFix social engineering technique has become the second most common attack vector, behind only phishing, according to ESET research

文章探讨了网络风险管理的重要性，指出成熟策略结合自动化和AI能有效降低风险，并强调数据整合和跨部门沟通对提升组织韧性的作用。

内存安全漏洞被视作当前最持久也最危险的软件漏洞类型。