Aggregator
Windows 版 WhatsApp 允许 Python、PHP 脚本在没有任何提示下执行
微软:VMware身份验证绕过漏洞正在被勒索团伙利用
深入贯彻总体国家安全观 推动网络安全保密工作实现高质量发展
微软蓝屏事件“致死率”高达3%
警惕:OTP被绕过!大规模短信窃取活动感染了113个国家的Android设备
巴黎奥运期间,法国境内光纤电缆遭到“重大破坏”
Chrome Security Update: Patch for Critical Flaw that Leads to Exploitation
Google has rolled out a new security update for its Chrome browser, addressing several critical vulnerabilities. The update on the Stable channel brings Chrome to version 127.0.6533.88/89 for Windows and Mac, and 127.0.6533.88 for Linux. The update will be distributed over the coming days and weeks. Critical Vulnerabilities Addressed According to Chrome reports, the latest […]
The post Chrome Security Update: Patch for Critical Flaw that Leads to Exploitation appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
慢雾:X 账号安全排查加固指南
Beware! Tycoon 2FA Phish-kit Exploits Amazon SES to Steal User Credentials
A sophisticated phishing campaign with Tycoon 2FA Phish-kit has been identified, leveraging Amazon Simple Email Service (SES) and a series of high-profile redirects to steal user credentials. The attack chain, meticulously designed to evade detection, involves multiple stages and utilizes various compromised domains and services. According to the Phishing sample analysis, The phishing attack begins […]
The post Beware! Tycoon 2FA Phish-kit Exploits Amazon SES to Steal User Credentials appeared first on Cyber Security News.
Critical OAuth Vulnerability Exposes 1 Million Sites to XSS Attacks
Security researchers have uncovered a critical vulnerability affecting over one million websites. The vulnerability combines OAuth implementation flaws with cross-site scripting (XSS) attacks. The vulnerability stems from the interaction between OAuth, a widely used authentication protocol, and XSS, a long-standing web security issue. While XSS attacks have become less prevalent due to improved security measures, […]
The post Critical OAuth Vulnerability Exposes 1 Million Sites to XSS Attacks appeared first on Cyber Security News.
亚马逊被要求召回其平台销售的 40 万件能导致死亡和触电的商品
FreeBuf早报 | 2024年巴黎奥运会应用正在窃听用户;GenAI账户凭证被盗
CVE-2024-7205 | CoolKit eWeLink Cloud Service up to 2.18.x Homepage Module insertion of sensitive information into sent data
Суперкомпьютер помог найти формулу материала прочнее алмаза
CVE-2024-6412 | HTML Forms Plugin up to 1.3.33 on WordPress cross-site request forgery
SolarWinds Patch: Critical ARM Flaws Fixed Before Exploits
SolarWinds has recently addressed 8 critical vulnerabilities pertaining to its Access Rights Manager (ARM) software. This SolarWinds patch has been released prior to the SolarWinds security flaws being exploited in the wild. In this article, we’ll focus on what that patch entails and what the consequences would have been if the vulnerabilities were exploited. SolarWinds […]
The post SolarWinds Patch: Critical ARM Flaws Fixed Before Exploits appeared first on TuxCare.
The post SolarWinds Patch: Critical ARM Flaws Fixed Before Exploits appeared first on Security Boulevard.