Редкие металлы в обмен на роутеры. Трамп заморозил технологическую войну с Пекином
Оказалось, что строить нейросети без китайского «железа» слишком дорого даже для Трампа.
Aggregator
U.S. CISA adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog
1 day 20 hours ago
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws […]
Pierluigi Paganini
Medusa Blog
1 day 20 hours ago
You must login to view this content
cohenido
供应链情报 | 2025开源供应链投毒分析技术报告
1 day 20 hours ago
攻以守本,唯快不破!2025开源供应链投毒攻击暴涨58%,Agentic AI生态成攻防新焦点(内附完整“技术报告”,可原文下载)。
CVE-2023-45951 | lylme_spage 1.7.0 function.php userip sql injection (Issue 32 / EUVD-2023-50214)
1 day 20 hours ago
A vulnerability labeled as critical has been found in lylme_spage 1.7.0. Affected by this issue is some unknown functionality of the file function.php. The manipulation of the argument userip results in sql injection.
This vulnerability is identified as CVE-2023-45951. The attack can only be performed from the local network. Additionally, an exploit exists.
vuldb.com
CVE-2023-45952 | lylme_spage 1.7.0 ajax_link.php unrestricted upload (Issue 33 / EUVD-2023-50215)
1 day 20 hours ago
A vulnerability classified as critical has been found in lylme_spage 1.7.0. This issue affects some unknown processing of the file ajax_link.php. Performing a manipulation results in unrestricted upload.
This vulnerability is cataloged as CVE-2023-45952. The attack must originate from the local network. There is no exploit available.
vuldb.com
CVE-2023-45912 | WIPOTEC ComScale 4.3.29.21344/4.4.12.723 user session (EUVD-2023-50175)
1 day 20 hours ago
A vulnerability, which was classified as problematic, has been found in WIPOTEC ComScale 4.3.29.21344/4.4.12.723. The impacted element is an unknown function. This manipulation causes manage user sessions.
This vulnerability is tracked as CVE-2023-45912. The attack is only possible within the local network. No exploit exists.
vuldb.com
CVE-2023-45909 | ZZZCMS 2.2.0 redirect (EUVD-2023-50172)
1 day 20 hours ago
A vulnerability categorized as problematic has been discovered in ZZZCMS 2.2.0. The affected element is an unknown function. Executing a manipulation can lead to open redirect.
This vulnerability appears as CVE-2023-45909. The attack may be performed from remote. There is no available exploit.
vuldb.com
CVE-2023-45911 | WIPOTEC ComScale 4.3.29.21344/4.4.12.723 improper authentication (EUVD-2023-50174)
1 day 20 hours ago
A vulnerability has been found in WIPOTEC ComScale 4.3.29.21344/4.4.12.723 and classified as critical. This impacts an unknown function. Performing a manipulation results in improper authentication.
This vulnerability is cataloged as CVE-2023-45911. The attack must originate from the local network. There is no exploit available.
vuldb.com
T00ls第十三届年度(2025)人物风云榜
1 day 20 hours ago
成长的道路从来不易,风雨阻挡不了我们追逐梦想的决心,唯有坚持,才能破茧成蝶。
报告发布|《全球网络安全政策法律发展年度报告(2025)》
1 day 20 hours ago
为构建适应智能时代的全球网络安全法治体系,提供真实、系统、前瞻的知识基础与行动参考
春节“我”在岗 服务不断档!
1 day 20 hours ago
春节安全保障服务热线:400-0309-360
Space Bears
1 day 20 hours ago
You must login to view this content
cohenido
Top Security Incidents of 2025: The Emergence of the ChainedShark APT Group
1 day 20 hours ago
In 2025, NSFOCUS Fuying Lab disclosed a new APT group targeting China’s scientific research sector, dubbed “ChainedShark” (tracking number: Actor240820). Been active since May 2024, the group’s operations are marked by high strategic coherence and technical sophistication. Its primary targets are professionals in Chinese universities and research institutions specializing in international relations, marine technology, and related […]
The post Top Security Incidents of 2025: The Emergence of the ChainedShark APT Group appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..
The post Top Security Incidents of 2025: The Emergence of the ChainedShark APT Group appeared first on Security Boulevard.
NSFOCUS
CVE-2025-71102 | Linux Kernel up to 6.1.159/6.6.119/6.12.63/6.18.2 __scs_magic denial of service (WID-SEC-2026-0119)
1 day 20 hours ago
A vulnerability was found in Linux Kernel up to 6.1.159/6.6.119/6.12.63/6.18.2. It has been classified as critical. The impacted element is the function __scs_magic. Performing a manipulation results in denial of service.
This vulnerability was named CVE-2025-71102. The attack needs to be approached within the local network. There is no available exploit.
Upgrading the affected component is recommended.
vuldb.com
CVE-2025-71103 | Linux Kernel up to 6.18.2/6.19-rc2 a7xx_patch_pwrup_reglist null pointer dereference (WID-SEC-2026-0119)
1 day 20 hours ago
A vulnerability marked as critical has been reported in Linux Kernel up to 6.18.2/6.19-rc2. This affects the function a7xx_patch_pwrup_reglist. Performing a manipulation results in null pointer dereference.
This vulnerability is cataloged as CVE-2025-71103. The attack must originate from the local network. There is no exploit available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2026-1602 | Ivanti Endpoint Manager up to 2024 SU5 sql injection (WID-SEC-2026-0377)
1 day 20 hours ago
A vulnerability classified as critical was found in Ivanti Endpoint Manager up to 2024 SU5. The impacted element is an unknown function. The manipulation results in sql injection.
This vulnerability was named CVE-2026-1602. The attack may be performed from remote. There is no available exploit.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-1603 | Ivanti Endpoint Manager up to 2024 SU4 authentication bypass (WID-SEC-2026-0377)
1 day 20 hours ago
A vulnerability, which was classified as critical, has been found in Ivanti Endpoint Manager up to 2024 SU4. This affects an unknown function. This manipulation causes authentication bypass using alternate channel.
The identification of this vulnerability is CVE-2026-1603. It is possible to initiate the attack remotely. There is no exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2026-22977 | Linux Kernel up to 6.19-rc4 net sk_buff.cb allocation of resources (Nessus ID 297728 / WID-SEC-2026-0194)
1 day 20 hours ago
A vulnerability was found in Linux Kernel up to 6.19-rc4. It has been declared as critical. This affects an unknown function of the file sk_buff.cb of the component net. Such manipulation leads to allocation of resources.
This vulnerability is uniquely identified as CVE-2026-22977. The attack can only be initiated within the local network. No exploit exists.
It is recommended to upgrade the affected component.
vuldb.com
麻疹卷土重来
1 day 20 hours ago
在许多国家,麻疹已变得极为罕见,甚至一些医生从未接诊过一个病例,但这种情况正在改变。美国去年报告了逾 2000 例麻疹病例,创 30 年来纪录,且 2026 年病例数可能超过 2025 年。今年 1 月,英国、西班牙、奥地利等 6 国均失去了官方“无麻疹”认证。加拿大在去年 11 月失去“无麻疹”国家的地位,美国预计于今年 4 月步其后尘。麻疹病毒具有极强的传染性,可引起发热、咳嗽和皮疹,甚至导致死亡。数据显示,若周围人群均易感,那么每位麻疹患者平均会传染 12-18 人;若接触感染者,高达 90% 的未免疫人群会患上麻疹。好在麻疹疫苗的效果非常显著。接种一剂后,93% 的人将获得免疫力而免于感染;接种两剂后,保护率可提升至 97%。对于多数人而言,这种保护作用终身有效。当 92%~94% 的人群通过接种疫苗或既往感染获得免疫力时,麻疹病毒便无法继续传播,这种现象被称为群体免疫。然而在美国,幼儿园儿童的疫苗接种率从 2019—2020 学年的 95.2% 降至 2024—2025 学年的 92.5%,为疫情暴发打开了大门。