Aggregator

A vulnerability has been found in Palo Alto Prisma Access Browser and classified as very critical. This vulnerability affects unknown code. The manipulation leads to Remote Code Execution. This vulnerability was named CVE-2025-0129. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Microsoft Edge. This affects an unknown part. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2025-29834. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

MCP 通过提供一个统一的标准接口，让不同的安全工具能够高效地连接和协同工作。

MCP 通过提供一个统一的标准接口，让不同的安全工具能够高效地连接和协同工作。

MCP 通过提供一个统一的标准接口，让不同的安全工具能够高效地连接和协同工作。

Currently trending CVE - Hype Score: 1 - A denial-of-service (DoS) vulnerability in the Simple Certificate Enrollment Protocol (SCEP) authentication feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to ...

A vulnerability was found in Ampache up to 6.3.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument rule leads to cross site scripting. This vulnerability is known as CVE-2024-28852. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Security researcher Prizm Labs has discovered a serious flaw in the SuperNote A6 X2 Nomad, a well-known 7.8-inch E-Ink tablet made by Ratta Software. The flaw, now assigned CVE-2025-32409, could allow a malicious attacker on the same network to fully compromise the device without any user interaction, potentially installing a rootkit that grants complete control. […]

The post 0-Click RCE in the SuperNote Nomad E-ink Tablet Lets Hackers Install Rootkit & Gain Full Control appeared first on Cyber Security News.

关键词滥用AI事件概况：👦 犯罪嫌疑人：胡某，一名在校大学生。📊 犯罪手段：非法获取个人信息并利用AI技术发送骚扰短信。

关键词间谍事件概述：📌 涉案人员：卫某，某军工集团下属研究院工作人员，兼任网络管理员和保密员。

VxWorks的固件分析 由于binwalk无法直接解包出 需要手动提取 并且包括符号表修复过程

India’s Unified Payments Interface (UPI), the backbone of the country’s digital payment ecosystem, faced a significant outage today, marking the fourth disruption in less than three weeks. The outage, which began around 10:30 AM IST, affected millions of users across major platforms like PhonePe, Google Pay, Paytm, and BHIM, as well as banking services linked […]

The post UPI Down – UPI Outage Disrupt Millions of Digital Transactions Across India appeared first on Cyber Security News.

Threat actors are exploiting a vulnerability in the OttoKit WordPress plugin, a few hours after public disclosure. Threat actors are exploiting a recently discovered vulnerability, tracked as CVE-2025-3102 (CVSS score of 8.1) in the OttoKit WordPress plugin (formerly SureTriggers), a few hours after public disclosure. An attacker can trigger the vulnerability to create malicious administrator users when the plugin is not […]