Aggregator

A vulnerability was found in Python CPython up to 3.14.x. It has been declared as critical. Affected by this issue is the function http.cookies.Morsel. Such manipulation leads to improper input validation. This vulnerability is listed as CVE-2026-3644. The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.

看到 CVE-2026-0257（PAN-OS GlobalProtect 认证绕过）的细节，利用链和应急响应动作，一切都是那么熟悉。 边界类产品的暴露面最大——必须开放端口、接受外部连接、拥有最高权限。它们是攻击者的首选目标，应急响应优先级应该是最高之一。 安全团队也不能"灯下黑"。 我们天天提醒业务团队打补丁、限制访问、开 MFA， 却往往忽视自己管理的边界类、集权类安全产品： 1、防火墙/VPN 控制台暴露公网，补丁延迟打； 2、EDR/XDR 控制台"只有内网能访问"，就放松警惕； 3、漏洞扫描器、IAM/SSO 自身安全性被遗忘。 做好防护，不止是限制 IP 访问。还要加强： 1、异常行为监测：关键 API（登录、配置修改）的异常调用； 2、账号行为审计：重要账号的操作日志、基线行为模型、实时告警。 #安全产品#漏洞利用#安全事件#PaloAlto

Like Shai-Hulud, the campaign targets developers to steal credentials and reuses them to propagate across the software supply channel.

Brave has announced the public release of Brave Origin, a paid minimalist version of its browser that strips out cryptocurrency, AI, rewards, and other monetization-focused features. [...]

The Windows version of the Hola Browser has been compromised in a supply chain attack that delivered an undeclared executable identified by researchers as a cryptocurrency miner. [...]

One of the world's most diverse, least-focused cybercrime groups is enlarging its footprint beyond East Asia.

Hackers are creating convincing fake websites that impersonate popular security tools to trick users into downloading malware. Instead of obvious phishing pages, these sites look almost identical to real project portals, complete with professional designs and links pointing to actual GitHub repositories. The moment a user clicks the download button, something very different happens behind […]

The post Hackers Impersonate Ghidra, dnSpy, and SpiderFoot to Spread Malware via Fake Download Sites appeared first on Cyber Security News.

VMware vDefend directly conforms to NIST CSF, HIPAA, and PCI DSS requirements, providing organizations with the critical controls needed to satisfy regulatory mandates and mitigate modern threats. Regulatory compliance has become a strategic imperative across all industry sectors due to a growing global focus on data privacy, supply chain transparency, and operational resilience. This urgency … Continued

The post Validated Compliance: VMware vDefend Conforms with NIST CSF, HIPAA and PCI DSS appeared first on VMware Security Blog.

A self-replicating worm has been quietly spreading across the npm registry using a method most security teams do not watch for. Instead of hiding inside package.json scripts, the attacker weaponized a tiny configuration file called binding.gyp to trigger malicious code the moment a developer runs npm install. The campaign hit dozens of packages across multiple […]

The post binding.gyp Supply Chain Attack Compromises Dozens of npm Packages Across Maintainer Accounts appeared first on Cyber Security News.

Gartner analysts issued a call to action to bolster defenses against several emerging critical threats, such as deepfakes and prompt injections.

OpenAI отказалась от публичного релиза GPT-Rosalind из-за рисков создания биологического оружия.

A vulnerability has been found in Vimesoft Corporate Messaging Platform and classified as problematic. This affects an unknown part. This manipulation causes insertion of sensitive information into sent data. The identification of this vulnerability is CVE-2025-11025. It is possible to initiate the attack remotely. There is no exploit available. The affected component should be upgraded.

A vulnerability was found in Beyaz CityPLus 24.29375. It has been classified as problematic. Affected by this vulnerability is an unknown functionality of the component Unpublicized Web Page Handler. This manipulation causes information disclosure. This vulnerability is handled as CVE-2025-11151. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability was found in ArkSigner AcBakImzala up to 5.1.3 and classified as critical. This vulnerability affects unknown code. Executing a manipulation can lead to inclusion of functionality from untrusted control sphere. This vulnerability is tracked as CVE-2025-11023. The attack can be launched remotely. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability labeled as critical has been found in Aksis Netty ERP. This affects an unknown function. The manipulation results in sql injection. This vulnerability is identified as CVE-2025-11253. The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.

A vulnerability described as problematic has been identified in CBK enVision. This affects an unknown part. Executing a manipulation can lead to information exposure through discrepancy. This vulnerability is tracked as CVE-2025-11145. The attack can be launched remotely. No exploit exists. Upgrading the affected component is recommended.

A vulnerability categorized as problematic has been discovered in Proliz OBS 23.04.01/24.0927. This issue affects some unknown processing. Such manipulation leads to cross site scripting. This vulnerability is documented as CVE-2025-11956. The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability classified as problematic was found in Premierturk Excavation Management Information System. Affected by this vulnerability is an unknown functionality. Executing a manipulation can lead to files or directories accessible. This vulnerability is registered as CVE-2025-11959. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.

A vulnerability classified as critical was found in TP-Link Archer BE230 1.2.4. The affected element is an unknown function of the component VPN Server Configuration Module. Executing a manipulation can lead to os command injection. This vulnerability is handled as CVE-2026-22226. The attack can only be done within the local network. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability was found in Teknolist Okulistik up to 21102025. It has been declared as critical. The impacted element is an unknown function. Such manipulation leads to server-side request forgery. This vulnerability is documented as CVE-2025-11242. The attack can be executed remotely. There is not any exploit available. This product is a managed service. This means that users are not able to maintain vulnerability countermeasures themselves.