Posts of last 24 hours
A vulnerability, which was classified as problematic, was found in Foxit PDF Editor and PDF Reader up to 2026.1.1. The impacted element is the function pdf_colorspace_process of the file pdf_colorspace.c of the component Color Space Handler. The manipulation of the argument function results in out-of-bounds read.
This vulnerability is reported as CVE-2026-57255. The attack can be launched remotely. No exploit exists.
You should upgrade the affected component.
https://vuldb.com/vuln/376813
A vulnerability, which was classified as problematic, has been found in Foxit PDF Editor and PDF Reader up to 2026.1.1. The affected element is an unknown function of the component Annotation. The manipulation leads to denial of service.
This vulnerability is documented as CVE-2026-57254. The attack can be initiated remotely. There is not any exploit available.
It is advisable to upgrade the affected component.
https://vuldb.com/vuln/376812
A vulnerability has been found in Foxit PDF Editor and PDF Reader up to 2026.1.1 and classified as problematic. Impacted is an unknown function of the component Annotation. The manipulation leads to denial of service.
This vulnerability is traded as CVE-2026-57245. It is possible to initiate the attack remotely. There is no exploit available.
The affected component should be upgraded.
https://vuldb.com/vuln/376800
Australia warns of a global campaign exploiting CMS flaws to deploy webshells on WordPress, Joomla, and other websites. Australia’s Signals Directorate has issued an alert about a large-scale exploitation campaign actively targeting content management systems (CMS) worldwide, with many small and medium-sized Australian businesses already hit. Attackers are scanning websites for known vulnerabilities, deploying webshells […]
https://securityaffairs.com/195208/security/australia-alerts-organizations-to-ongoing-cms-exploitation-attacks.html
An attacker running a live Microsoft 365 phishing operation left a Python web server listening on a public port with directory listing switched on. The command that did it: python3 -m http.server 8080, was still sitting in the readable .bash_history.
From that one lapse, French security firm Lexfo lifted the operator's entire toolkit and pivoted through it to two more
https://thehackernews.com/2026/07/misconfigured-server-reveals-three.html
39988 元,极致质价比重构四足开发平台标准。
https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653110460&idx=1&sn=5a34c5794ebb71bf972c8d979f2d794a
尽管一项亿万富翁税提案导致部分超级富翁离开加州,但加州在今年内吸引的风投资金远超美国任何州。加州吸引了逾 3350 亿美元资金,排名第二的纽约州不到其十分之一,德州仅为其四十分之一。加州拥有的顶尖 AI 人才令其吸引力经久不衰。加州去年经济增长率 5%,GDP 达到创纪录的 4.25 万亿美元,经济规模仅次于美国、中国和德国。它拥有近 400 家估值达到十亿美元的初创公司,超过美国其他任何州。硅谷吸引了 980 亿美元的风投,之后是纽约的 115 亿美元,洛杉矶的 80 亿美元。加州近 90% 的投资流向了 AI 公司,去年这一比例是 65%。
https://www.solidot.org/story?sid=84812
Новая модель находит скрытые связи между сном, сердечным ритмом, активностью и психологическим состоянием.
https://www.securitylab.ru/news/574753.php
速修复
https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247526606&idx=2&sn=92be8299dea05a32e51baa1cad82b509
速修复
https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247526606&idx=1&sn=98ad31e009af96d9536be560cb9f7fa3