Aggregator

A vulnerability labeled as problematic has been found in Clash Verge Rev clash-verge-service-ipc up to 2.2.x. The affected element is an unknown function of the component IPC Endpoint. The manipulation results in incorrect permission assignment. This vulnerability was named CVE-2026-26422. The attack needs to be approached locally. There is no available exploit. The affected component should be upgraded.

A critical logic bug in Instagram’s web-based password reset flow on June 6, 2026, exposed unredacted email addresses and phone numbers associated with user accounts, including those belonging to high-profile individuals such as Meta CEO Mark Zuckerberg and model Georgina Rodriguez. Instagram’s parent company Meta deployed an emergency hotfix within hours of the disclosure, but […]

The post Instagram Fixes Password Reset Flaw That Exposes User Emails and Phone Numbers appeared first on Cyber Security News.

2026年6月7日 15:07软件资讯00.00K

Windows сама загрузила DLL. Хакер просто этим воспользовался.

What Happened In May 2026, the HVAC/R wholesale distributor Baker Distr

Сначала — бесплатный образец, потом — сделка с агентом под прикрытием.

一位前IBM网络安全高管指控该公司在过去十年中被外国政府三次入侵，并掩盖了这些漏洞。William Barlow在2020年提起的一项诉讼中称，IBM的内部调查发现中国黑客在2013年至2016年期间

Подростки используют популярную игру, чтобы подглядывать, запугивать и красть чужие данные.

Каждое действие теперь оставляет след в системе и оценивается по шкале риска.

今年是公司成立二十周年，我计划举办20周年主题活动，关于活动主题的定义，有点纠结，你认为哪个更好？

Microsoft хочет, чтобы система подстраивалась под привычки пользователя.

看美加墨世界杯，参与G.O.S.S.I.P暑期实习！

​别把脑子外包出去。

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

A desktop speaker tethered via USB has unexpectedly morphed into a conduit for remote system compromise. Security specialist Rasmus Moorats discovered a critical flaw in the ubiquitous Sound Blaster Katana V2X soundbar. Consequently, this...

The post Acoustic Infiltration: Perceived Audio Peripheral Transformed into Remote Exploitation Bridge appeared first on Information Security News.

A vulnerability identified as critical has been detected in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetRoute of the file /goform/formSetRoute. The manipulation of the argument ip/mask/gateway leads to command injection. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is referenced as CVE-2026-10060. Remote exploitation of the attack is possible. Furthermore, an exploit is available. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities."

A vulnerability labeled as critical has been found in TRENDnet TEW-432BRP 3.10B20. Affected is the function formWPS of the file /goform/formWPS. The manipulation of the argument peerPin results in command injection. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is identified as CVE-2026-10061. The attack can be executed remotely. Additionally, an exploit exists. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities."

A vulnerability marked as critical has been reported in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSetRoute of the file /goform/formSetRoute. This manipulation of the argument ip/mask/gateway causes stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is tracked as CVE-2026-10062. The attack is possible to be carried out remotely. Moreover, an exploit is present. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities."

A vulnerability described as critical has been identified in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the function formWPS of the file /goform/formWPS. Such manipulation of the argument peerPin leads to stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is listed as CVE-2026-10063. The attack may be performed from remote. In addition, an exploit is available. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities."

A vulnerability classified as critical has been found in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetPortTr of the file /goform/formSetPortTr. Performing a manipulation of the argument special_name results in stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is cataloged as CVE-2026-10064. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities."