Aggregator

ciscn-web-isw

Vulta Intelligence Launches as Credential Lookup Service With 14.2 Billion Indexed Records, Telegram Bot, and Pay-Per-Query ULP Extraction

一般威胁行为者登录系统时，绝不会使用真实 IP 地址。

A vulnerability, which was classified as problematic, was found in pymanager up to 26.0. Impacted is an unknown function of the component Working Directory Handler. The manipulation results in an unknown weakness. This vulnerability was named CVE-2026-5271. The attack needs to be approached locally. There is no available exploit. You should upgrade the affected component.

A vulnerability, which was classified as critical, has been found in libinput. This issue affects some unknown processing of the component Lua Handler. The manipulation leads to code injection. This vulnerability is uniquely identified as CVE-2026-35093. Local access is required to approach this attack. No exploit exists.

A vulnerability classified as problematic was found in libinput. This vulnerability affects unknown code. Executing a manipulation can lead to expired pointer dereference. This vulnerability is handled as CVE-2026-35094. It is possible to launch the attack on the local host. There is not any exploit available.

A vulnerability classified as problematic has been found in Tinybeans Private Family Album App 5.9.5-prod. This affects an unknown part. Performing a manipulation results in Local Privilege Escalation. This vulnerability is known as CVE-2026-30289. Attacking locally is a requirement. No exploit is available.

A vulnerability described as critical has been identified in Volcengine OpenViking up to 0.2.13. Affected by this issue is some unknown functionality of the file /bot/v1/chat. Such manipulation leads to missing authentication. This vulnerability is traded as CVE-2026-34999. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is recommended.

从 40 万到 4.5 万年前，尼安德特人独自占据了欧亚大陆的大部分地区，狩猎大型动物、采集植物、熟练制造石器，用兽皮制作衣物。但他们的生存状况岌岌可危。两项新研究表明，尼安德特人以地理上相距甚远的小群体形式生存，经历了严重的近亲繁殖，7.5 万年前濒临灭绝。近亲繁殖被广泛认为不利于适应环境变化。但如果环境在较长的时间内维持稳定，近亲繁殖的群体仍然能长时间生存下来。研究人员报告，7.5 万年前，尼安德特人的遗址和骨骼遗骸广泛分布于整个欧洲大陆，​​其基因组相对多样化。但 7.5 万至 6.5 万年前的冰河时期遗址的数量减少，6 万年前所有遗传多样性全部消失只剩一条单一的谱系。4.5 万年前气候再次波动，加上现代人类抵达欧亚大陆，尼安德特人有效种群数量在三千年内急剧下降，在大约 4.2 万年前达到最低点，之后彻底消失。

A vulnerability marked as critical has been reported in Bytedance DeerFlow. Affected by this vulnerability is an unknown functionality. This manipulation causes incomplete blacklist. This vulnerability appears as CVE-2026-34430. The attack may be initiated remotely. There is no available exploit. It is suggested to install a patch to address this issue.

Author, Creator & Presenter: Kody Lundell, CEH - Senior Security Engineer at Podium

Our thanks to BSidesSLC for publishing their Creators, Authors and Presenter’s outstanding BSidesSLC 2025 content on the Organizations' YouTube Channel.

Permalink

The post BSidesSLC 2025 – Cybersecurity At Home – Protecting Your Family In A Connected World appeared first on Security Boulevard.

A vulnerability labeled as problematic has been found in Deep Thought Industries ACE Scanner PDF Scanner App 1.4.5 on Android. Affected is an unknown function of the component File Import. The manipulation results in Local Privilege Escalation. This vulnerability is reported as CVE-2026-30287. The attack requires a local approach. No exploit exists.

A vulnerability identified as critical has been detected in SourceCodester Loan Management System 1.0. This impacts an unknown function of the component Loan Plan Handler. The manipulation of the argument penalty_rate leads to business logic errors. This vulnerability is documented as CVE-2026-30522. The attack can be initiated remotely. There is not any exploit available.

A vulnerability categorized as problematic has been discovered in LibRaw up to 0.22.0. This affects the function LibRaw::nikon_load_padded_packed_raw of the file src/decoders/decoders_libraw.cpp of the component TIFF/NEF. Executing a manipulation of the argument load_flags/raw_width can lead to out-of-bounds read. This vulnerability is registered as CVE-2026-5342. It is possible to launch the attack remotely. Furthermore, an exploit is available. It is advisable to upgrade the affected component.

A new service on the cybercrime market provides automated capabilities to create persistent information-stealing social engineering attacks.

在 Java 领域，Tomcat/WebLogic 的各种 Filter、Listener 内存马早被玩烂了，查杀方案也都很成熟。但换到 Go 语言（Golang），因为它是静态编译的，没有传统的“Web 容器”概念，大家普遍觉得它天然免疫内存马，顶多通过 cgo 或 plugin 搞点二进制注入。

Submit #781223 / VDB-354671

The Iranian government is threatening to attack the Middle East operations of more than a dozen U.S. tech companies, including Microsoft, Nvidia, and Google, calling them "legitimate targets." Meanwhile, pro-Iranian threat groups expand their operations as the U.S. and Israel continues their bombing campaign against Iran.

The post Iran Calls U.S. Tech Companies ‘Legitimate Targets,’ Threatens to Attack appeared first on Security Boulevard.

从 2025 年 3 月到 2026 年 3 月，勒索软件组织在 376 天内发布了 7,655 条受害者组织名单，平均每天约 20 条，或每 71 分钟新增一个受害者组织。对受害者名单的分析显示，在 129 个活跃的勒索软件组织中排名前五的组织发布了 3,027 条受害者名单，占总数的 40%。其中最活跃的是麒麟（Qilin），发布了 1,179 条占总数的 15.4%；其次是 Akira 的 706 条占 9.2%，INC Ransom 的 415 条 占5.4%，Play 的 386 条占 5.0%，Safepay 的 341 条占 4.5%。麒麟的受害者遍及 74 个国家，最主要受害者是美国 (438)、法国 (55)、加拿大 (48)、西班牙 (41)、英国 (36)。Akira 和 Play 的受害者都主要集中在美国。麒麟组织最初的名字叫 Agenda，2022 年 9 月改名为麒麟，沿用至今。

漏洞描述FastGPT 是一个 AI 代理构建平台。在 4.14.8.3 及以下版本中，fastgpt-preview-image.yml 工作流程易受到任意代码执行和外部贡献者秘密窃取的风险。它使用 pull_request_target（运行时可访问仓库机密），但会从拉取请求作者分支中借出代码，然后通过攻击者控制的 Dockerfile 构建并推送 Docker 映像。这也使得通过生产容器注册