Security Risks Persist in Open Source Ecosystem
An analysis by the Linux Foundation, OpenSSF and Harvard University found that there continues to be significant cybersecurity risks in open source software practices
Aggregator
新型漏洞攻击利用服务器进行恶意更新
9 months 1 week ago
新型漏洞攻击利用服务器进行恶意更新
黑客利用 macOS 扩展文件属性隐藏恶意代码
9 months 1 week ago
黑客利用 macOS 扩展文件属性隐藏恶意代码
Welcoming the Armenian Government to Have I Been Pwned
9 months 1 week ago
Welcoming the Armenian Government to Have I Been Pwned
Bit confused here with WPS attacks via Wifite
9 months 1 week ago
Bit confused here with WPS attacks via Wifite
钓鱼网页散播银狐木马,远控后门威胁终端安全
9 months 1 week ago
韩国机器人数量超过了工人的十分之一
9 months 1 week ago
韩国机器人数量超过了工人的十分之一
“危“”机“并存,五位网络安全大咖预警2025年安全态势
9 months 1 week ago
“危“”机“并存,五位网络安全大咖预警2025年安全态势
四大行业协会同日发布安全提示声明:审慎采购美国芯片;Safari浏览器零日漏洞或已遭利用,多个Apple应用平台被波及 | 牛览
9 months 1 week ago
四大行业协会同日发布安全提示声明:审慎采购美国芯片;Safari浏览器零日漏洞或已遭利用,多个Apple应用平台被波及 | 牛览
Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console
9 months 1 week ago
Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console
Gedetineerden maken oude Defensie-uniformen gereed voor Oekraïne
9 months 1 week ago
Het Kleding- en Persoonsgebonden Uitrustingsbedrijf (KPU-bedrijf) en de Penitentiaire Inrichting Almelo slaan de handen ineen. Sinds deze week maken gedetineerden oude uniformen gereed voor de strijdkrachten in Oekraïne. Het doel is om uiteindelijk zo’n 30.000 uniformen beschikbaar te stellen voor hergebruik in het conflictgebied.
钓鱼网页散播银狐木马,远控后门威胁终端安全
9 months 1 week ago
在当今网络环境下,许多人都有通过搜索引擎下载应用程序的习惯,虽然这种方式简单又迅速,但这也可能被不法分子所利用,通过设置钓鱼网站来欺骗用户。这些钓鱼网站可能会通过各种方式吸引用户点击,从而进行病毒的传
汽车共享应用下线导致客户无法锁车和还车
9 months 1 week ago
美国汽车共享应用 Zipcar 上周五遭遇宕机事故,导致租车客户无法锁车和还车,凸显了过于依赖应用的风险。Zipcar 被用于定位汽车、解锁和锁定汽车、分享车辆图像以证明没有损坏,以及报告问题。整个过程无需与人互动。但宕机事故导致了客户无法解锁汽车,无法锁定汽车,也无法在租赁到期前归还汽车。有客户报告了逾 100 美元的延迟费,虽然客服最后表示这笔钱可以免除。还有客户称护照被锁在车内无法取出,导致错过了航班和期末考试。Zipcar 没有披露有多少人受到影响,只是表示正采取补救措施。
Gem::SafeMarshal escape / nastystereo.com
9 months 1 week ago
Gem::SafeMarshal escape / nastystereo.com
CVE-2013-1349 | openSIS up to 5.2 JAXP ajax.php modname code injection (EDB-30471 / SA55913)
9 months 1 week ago
A vulnerability was found in openSIS up to 5.2. It has been rated as critical. This issue affects some unknown processing of the file ajax.php of the component JAXP. The manipulation of the argument modname leads to code injection.
The identification of this vulnerability is CVE-2013-1349. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
“危“”机“并存,五位网络安全大咖预警2025年安全态势
9 months 1 week ago
“危“”机“并存,五位网络安全大咖预警2025年安全态势
四大行业协会同日发布安全提示声明:审慎采购美国芯片;Safari浏览器零日漏洞或已遭利用,多个Apple应用平台被波及 | 牛览
9 months 1 week ago
四大行业协会同日发布安全提示声明:审慎采购美国芯片;Safari浏览器零日漏洞或已遭利用,多个Apple应用平台被波及 | 牛览
CVE-2005-4723 | D-Link DI-624 denial of service (EDB-1496 / XFDB-24631)
9 months 1 week ago
A vulnerability classified as problematic was found in D-Link DI-624. This vulnerability affects unknown code. The manipulation leads to denial of service.
This vulnerability was named CVE-2005-4723. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
«Душа против алгоритма»: глава PlayStation о революции ИИ и человечности в играх
9 months 1 week ago
Sony отмечает юбилей и говорит о будущем игровой индустрии.
Critical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized Access
9 months 1 week ago
Critical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized Access