Aggregator
For the first time in 50 years: Russia is building a supersonic passenger aircraft again, and this time it is more than blueprints
1 week 6 days ago
It is meant to fly at Mach 1.7 and be quieter than its predecessors.
VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
1 week 6 days ago
Microsoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for the integrated development environment (IDE) are updated automatically to a newer version in an attempt to tackle software supply chain threats.
"When automatic updates are enabled, new versions are auto-updated two hours after they are published, adding an extra layer of protection
The Hacker News
VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
1 week 6 days ago
Software Supply Chain / Malware
Microsoft has announced that Visual Studio Code (VS Code) will appl
CVE-2026-11559 | CodeAstro Payroll System 1.0 /view_account.php ID sql injection
1 week 6 days ago
A vulnerability, which was classified as critical, was found in CodeAstro Payroll System 1.0. This affects an unknown function of the file /view_account.php. The manipulation of the argument ID results in SQL injection.
This vulnerability was named CVE-2026-11559. The attack may be performed remotely. In addition, an exploit is available.
vuldb.com
CVE-2026-11558 | CodeAstro Payroll System 1.0 /home_salary.php rate/salary_rate sql injection
1 week 6 days ago
A vulnerability, which was classified as critical, has been found in CodeAstro Payroll System 1.0. The impacted element is an unknown function of the file /home_salary.php. The manipulation of the argument rate/salary_rate leads to SQL injection.
This vulnerability is uniquely identified as CVE-2026-11558. The attack can be carried out remotely. Moreover, an exploit is present.
vuldb.com
Global nuclear warhead count rises for the fourth consecutive year, driven by China and North Korea
1 week 6 days ago
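The Stockholm International Peace Research Institute in Sweden said in a report released on June 8 that, as of January this year, the number of nuclear warheads available for use worldwide was 9,745, an increase of 131 over the previous year. For the first time since complete statistics began in 2005, the total number of usable warheads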
Over 20,000 Instagram accounts stolen in Meta AI support hack
1 week 6 days ago
Meta has revealed that over 20,000 Instagram users had their accounts hijacked in a recent
Why do people with kids seem to get preference everywhere? Is it some subtle nudge to have children?
1 week 6 days ago
CVE-2026-11557 | Tenda F451 1.0.0.7/1.0.0.9 Web Management Interface /goform/Natlimit fromNatlimit page stack-based overflow
1 week 6 days ago
A vulnerability classified as critical was found in Tenda F451 1.0.0.7/1.0.0.9. The affected element is the function fromNatlimit of the file /goform/Natlimit of the component Web Management Interface. Executing a manipulation of the argument page can lead to stack-based buffer overflow.
This vulnerability is handled as CVE-2026-11557. The attack can be executed remotely. Additionally, an exploit exists.
vuldb.com
CVE-2026-11556 | Tenda F451 1.0.0.7/1.0.0.9 Web Management Interface /goform/WriteFacMac formWriteFacMac mac os command injection
1 week 6 days ago
A vulnerability classified as critical has been found in Tenda F451 1.0.0.7/1.0.0.9. Impacted is the function formWriteFacMac of the file /goform/WriteFacMac of the component Web Management Interface. Performing a manipulation of the argument mac results in OS command injection.
This vulnerability is known as CVE-2026-11556. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com
Google Gemini API hits another bug: a developer was charged $200 per hour in cache fees and could not delete the cache
1 week 6 days ago
Over 20,000 Instagram accounts stolen in Meta AI support hack
1 week 6 days ago
Meta has revealed that 20,225 Instagram users had their accounts hijacked in a recent incident where attackers used Meta's AI-powered support system to reset passwords. [...]
Sergiu Gatlan
Submit #836791: codeastro Payroll System V1.0 SQL Injection [Accepted]
1 week 6 days ago
Submit #836791 / VDB-369169
SchneiderGrace
Submit #836787: codeastro Payroll System V1.0 SQL Injection [Duplicate]
1 week 6 days ago
Submit #836787 / VDB-367579
SchneiderGrace
Submit #836790: codeastro Payroll System V1.0 SQL Injection [Duplicate]
1 week 6 days ago
Submit #836790 / VDB-369168
SchneiderGrace
Submit #836785: codeastro Payroll System V1.0 SQL Injection [Accepted]
1 week 6 days ago
Submit #836785 / VDB-369168
cshwswwsshd99
CVE-2026-11555 | D-Link DGS-1100-08PD 1.00.006 Web Interface /etc/boa.conf least privilege violation
1 week 6 days ago
A vulnerability described as critical has been identified in D-Link DGS-1100-08PD 1.00.006. This issue affects some unknown processing of the file /etc/boa.conf of the component Web Interface. Such manipulation leads to a least privilege violation.
This vulnerability is traded as CVE-2026-11555. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #836477: Tenda Tenda F451 Wireless Router V1.0.0.7, V1.0.0.9 Stack-based Buffer Overflow [Accepted]
1 week 6 days ago
Submit #836477 / VDB-369167
hacker128
Submit #836476: Tenda Tenda F451 Wireless Router V1.0.0.7, V1.0.0.9 OS Command Injection [Accepted]
1 week 6 days ago
Submit #836476 / VDB-369166
hacker128