Aggregator

Камеры следят за вами, даже когда вы не в Zoom.

Экологи предложили способ решить две проблемы одним “выстрелом”.

The U.S. government has unveiled a $10 million reward for information leading to the arrest of three Russian FSB officers.  The officers are accused of carrying out cyberattacks on U.S. critical infrastructure and exploiting Cisco network equipment. This public notice aims to raise awareness and encourage anyone with useful information to come forward. According to […]

The post US Announces $10M Bounty on FSB Hackers Behind Cisco Exploits appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Django development team has issued security updates after discovering a high-severity SQL injection flaw in the FilteredRelation feature. This flaw could allow attackers to run harmful database commands by crafting unexpected query parameters. Users running Django 5.2, 5.1, or 4.2 should upgrade immediately to protect their applications. Web Vulnerability Details Django’s FilteredRelation feature helps developers write […]

The post Django Web Vulnerability Allows Attackers to Execute SQL Injection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability marked as problematic has been reported in Akinsoft e-Mutabakat up to 2.02.05. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-13071. The attack is possible to be carried out remotely. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability labeled as problematic has been found in Akinsoft e-Mutabakat up to 2.02.05. Affected is an unknown function. Executing manipulation can lead to improper restriction of excessive authentication attempts. This vulnerability is handled as CVE-2025-2417. The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.

A vulnerability identified as problematic has been detected in Vaadin Framework and vaadin-upload-flow. This impacts an unknown function. Performing manipulation results in improper input validation. This vulnerability is known as CVE-2025-9467. Remote exploitation of the attack is possible. No exploit is available. You should upgrade the affected component.

Chinese state-sponsored Advanced Persistent Threat (APT) groups have escalated their cyber espionage campaigns, systematically targeting global telecommunications, government, and military networks through sophisticated router exploitation techniques since 2021. Since at least 2021, Chinese state-sponsored cyber actors have been conducting extensive, stealthy operations to infiltrate and control key network devices across critical sectors worldwide. These malicious […]

The post Chinese APT Groups Exploit Router Flaws to Breach Enterprises appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

根据国家信息安全漏洞库（CNNVD）统计，2025年8月采集安全漏洞3628个。

Censys Inc., the developer of the eponymous internet-mapping tool, has warned of attempts by government entities to exploit

The post Censys Reveals Governments Are Exploiting Its Research Program appeared first on Penetration Testing Tools.

零信任（Zero Trust）常被定义得模糊、缺乏激励措施，而且往往是一段没有尽头的旅程。

Hackers launched a large-scale attempt to steal funds from the Brazilian company Sinqia S.A., a provider of financial

The post Hackers Hit Brazilian Payments Giant in $130M Heist appeared first on Penetration Testing Tools.

Jaguar Land Rover has disclosed a cyberattack that forced the company to temporarily shut down several critical systems.

The post Cyberattack Forces Jaguar Land Rover to Halt Production appeared first on Penetration Testing Tools.

Cloudflare has reported blocking the largest volumetric DDoS attack ever recorded, with traffic peaking at an astonishing 11.5

The post The Largest DDoS Attack in History: Cloudflare Blocks 11.5 Tbps Onslaught appeared first on Penetration Testing Tools.

The hacker collective LunaLock has introduced a new twist to the classic extortion playbook, preying on the fears

The post A New Threat to Artists: Hackers Threaten to Feed Stolen Art to AI appeared first on Penetration Testing Tools.

The research group Deep Specter Research has uncovered a multilayered scheme of phishing and brand impersonation that quietly

The post An Industrial-Scale Phishing Operation Lived Undetected for Years appeared first on Penetration Testing Tools.

Ursula von der Leyen has once again found herself at the center of a transparency scandal concerning the

The post EU Transparency in Question: von der Leyen Used Signal’s Auto-Delete appeared first on Penetration Testing Tools.

致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2023-50224 is a TP-Link TL-WR841N dropbearpwd Improper Authentication Information […]