Aggregator

百度发布文心大模型 4.5 Turbo 和 X1 Turbo，价格仅为 DeepSeek 四分之一；喜马拉雅回应出售给腾讯音乐：不知晓此事；特斯拉将开启 9 小时免费充电福利，覆盖全国 50 座超级充电站

从开幕主旨演讲到各大厂商展台，代理型AI在RSAC 2025上频频出现

点击查看更多本周网络安全大事件。

点击查看更多本周网络安全大事件。

A vulnerability was found in eMedia simpleRedak up to 2.47.23.05. It has been classified as problematic. Affected is an unknown function of the file #/de/casting/show/detail/. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2023-33764. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability classified as critical was found in Mozilla Thunderbird up to 102.7. Affected by this vulnerability is the function requestFullscreen of the component Fullscreen Mode. The manipulation leads to Remote Code Execution. This vulnerability is known as CVE-2023-25730. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Mozilla Thunderbird up to 102.7. Affected is an unknown function. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2023-25746. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in MicroWorld eScan Management Console 14.0.1400.2281. Affected by this issue is some unknown functionality of the component URL Handler. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2023-33731. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Microsoft Edge. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to Remote Code Execution. The identification of this vulnerability is CVE-2023-33143. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Simhl STHS v2 Web Portal 2.2. It has been classified as problematic. This affects an unknown part of the file prospects.php of the component Web Portal. The manipulation of the argument team leads to cross site scripting. This vulnerability is uniquely identified as CVE-2012-1217. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Mozilla Thunderbird up to 102.7 on Windows. This affects an unknown part of the component URL Handler. The manipulation leads to Remote Code Execution. This vulnerability is uniquely identified as CVE-2023-25734. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Thunderbird up to 102.7.0 and classified as critical. This vulnerability affects unknown code of the component Signature Handler. The manipulation leads to improper certificate validation. This vulnerability was named CVE-2023-0430. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Mozilla Thunderbird up to 102.7 on Windows. Affected by this issue is some unknown functionality of the component Printing. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2023-25738. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.

Tyler Buchanan, a 23-year-old Scottish Man Extradited to the US on Wednesday
Spanish authorities extradited on Wednesday the suspected head of the Scattered Spider cybercrime group to the United States, where he is being held without bail in a downtown Los Angeles federal prison. Tyler Buchanan, 23, faces charges for wire fraud, aggravated identity theft and conspiracy.

Hackers Hit Maryland Medical Group and California Hospital, Claim 480 GB Data Theft
Two separate ransomware hacks of a Maryland medical group and a California hospital resulted in data thefts affecting more than 1.1 million patients, according to recent reports to regulators. Cybercriminals claim to have leaked 480 gigabytes of data from one of the attacks.

US Cyber Agency Denies Looming Deadlines Amid Reports of Expanded Workforce Buyouts
The U.S. Cybersecurity and Infrastructure Security Agency on Friday dismissed as false reports of a looming buyout deadline and expanded resignation offers, calling them misinformation. There is no Monday deadline, a spokesperson said.

Company Eyes Product Innovation and Strategic M&A After Rapid 30x ARR Growth
CEO Varun Badhwar says Silicon Valley-based Endor Labs will use its $93 million Series B funding to build AI-powered code security tools, boost community outreach and target key acquisitions, helping enterprises secure faster, AI-assisted software development.

Threat Attack Daily - 25th of April 2025