Submit #828785: SourceCodester Pizzafy Ecommerce System 1.0 File Inclusion [Accepted]
Submit #828785 / VDB-367648
Aggregator
«Госуслуги» и платежи в режиме блокировки. Путин поручил сохранить доступ к важным сайтам при отключении интернета
1 day 12 hours ago
Правительство и ФСБ подготовят доклад о доступности ключевых онлайн-сервисов до 1 июля.
Plesk security advisory (AV26-534)
1 day 12 hours ago
Canadian Centre for Cyber Security
Ivanti security advisory (AV26-533)
1 day 12 hours ago
Canadian Centre for Cyber Security
RaccoonLine Publishes 2026 dVPN Buyer’s Guide for Privacy-Focused Users
1 day 12 hours ago
Roma, Італія, 1st June 2026, CyberNewswire
CyberNewswire
1st June – Threat Intelligence Report
1 day 12 hours ago
For the latest discoveries in cyber research for the week of 1st June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Carnival Corporation, a global cruise line operator, has confirmed a data breach affecting nearly 6 million people after attackers used social engineering to compromise an employee account. Exposed information may include names, contact […]
The post 1st June – Threat Intelligence Report appeared first on Check Point Research.
urias
SmartApeSG Campaign Uses ClickFix Scripts to Infect Windows Hosts With RAT Malware
1 day 12 hours ago
A well-known social engineering campaign called SmartApeSG is back in the spotlight, this time using ClickFix scripts to quietly plant remote access malware on Windows computers. The campaign lures victims through fake verification pages that trick them into running a malicious script without realizing the full damage it causes. What makes this wave especially concerning […]
The post SmartApeSG Campaign Uses ClickFix Scripts to Infect Windows Hosts With RAT Malware appeared first on Cyber Security News.
Tushar Subhra Dutta
实验性药物显著延长了最致命癌症患者的生存期
1 day 12 hours ago
胰腺癌是最致命的癌症,大部分现有疗法的效果甚微。现在名为 daraxonrasib 的药物公布了 III 期临床试验结果,有 500 名胰腺癌已扩散的患者参与了试验,其中 248 名患者每日服用 daraxonrasib,其余 252 名接受化疗。结果显示,服药组的中位生存期为 13.2 个月,化疗组为 6.6 个月,也就是药物将患者的生存期延长了一倍,而且副作用更少。研究报告公布在芝加哥举行的美国临床肿瘤学会年会上,专家认为这种药物有望引领一场治疗革命。Daraxonrasib 的作用机制是靶向名为 Kras 的蛋白质,这种蛋白质驱动了几乎所有胰腺癌。药物通过粘合分子去捕获并抑制 Kras 蛋白,从而阻止肿瘤的生长。
Microsoft investigates Office Apps, Teams file access issues
1 day 12 hours ago
Microsoft says an ongoing incident is preventing users of its Teams collaboration platform and Office for the web cloud-based productivity suite from opening files. [...]
Sergiu Gatlan
Patch Now: Another Palo Alto Auth Bypass Bug Under Active Exploit
1 day 12 hours ago
Exploiting the PAN-OS GlobalProtect VPN vulnerability requires certain conditions, but adversaries have done so in two attack waves that started in mid-May.
Elizabeth Montalbano
Multiple Red Hat Cloud Services npm Packages Compromised to Deploy Credential-Stealing Malware
1 day 12 hours ago
A significant supply chain attack on June 1, 2026, targeting over 30 official packages under the @redhat-cloud-services npm scope. The campaign, dubbed “Miasma: The Spreading Blight,” is a new variant of the Mini Shai-Hulud malware family a sophisticated credential-stealing worm previously linked to threat actor group TeamPCP. This is not a typosquatting campaign. The attackers […]
The post Multiple Red Hat Cloud Services npm Packages Compromised to Deploy Credential-Stealing Malware appeared first on Cyber Security News.
Guru Baran
DragonForce
1 day 13 hours ago
You must login to view this content
cohenido
Windows Netlogon RCE exploited, domain controllers at risk (CVE-2026-41089)
1 day 13 hours ago
CVE-2026-41089, a critical Windows Netlogon RCE flaw that allows remote code execution, is now actively exploited in the wild, the Centre for Cybersecurity Belgium (CCB) warned on Friday. About CVE-2026-41089 CVE-2026-41089 is a stack-based buffer overflow vulnerability in Windows Netlogon, the service and protocol that handles authentication and security within a Windows domain environment. The flaw can be exploited by attackers by sending a specially crafted network request to a Windows server that is acting … More →
The post Windows Netlogon RCE exploited, domain controllers at risk (CVE-2026-41089) appeared first on Help Net Security.
Zeljka Zorz
Возвращение к истокам. Nvidia снова делает чипы для домашних ПК — но теперь это главный процессор, а не видеокарта
1 day 13 hours ago
Nvidia и Microsoft представят новые процессоры для Windows-ПК на Computex и Build.
CVE-2023-0882 | Kron Tech Single Connect up to 2.16 on Windows authorization
1 day 13 hours ago
A vulnerability was found in Kron Tech Single Connect up to 2.16 on Windows. It has been rated as critical. This affects an unknown function. Performing a manipulation results in authorization bypass.
This vulnerability is identified as CVE-2023-0882. The attack is only possible with local access. There is not any exploit available.
vuldb.com
CVE-2023-0939 | NTN Online Services Software up to 1.16 sql injection
1 day 13 hours ago
A vulnerability marked as critical has been reported in NTN Online Services Software up to 1.16. Affected by this issue is some unknown functionality. Performing a manipulation results in sql injection.
This vulnerability was named CVE-2023-0939. The attack may be initiated remotely. There is no available exploit.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2023-1114 | Eskom Bilgisayar e-Belediye prior 1.0.0.100 authorization
1 day 13 hours ago
A vulnerability was found in Eskom Bilgisayar e-Belediye. It has been rated as very critical. The impacted element is an unknown function. Performing a manipulation results in missing authorization.
This vulnerability is known as CVE-2023-1114. Remote exploitation of the attack is possible. No exploit is available.
Upgrading the affected component is advised.
vuldb.com
CVE-2023-1064 | Uzay Baskul Weighbridge Automation Software up to 1.0 sql injection
1 day 13 hours ago
A vulnerability identified as critical has been detected in Uzay Baskul Weighbridge Automation Software up to 1.0. This impacts an unknown function. The manipulation leads to sql injection.
This vulnerability is uniquely identified as CVE-2023-1064. The attack is possible to be carried out remotely. No exploit exists.
You should upgrade the affected component.
vuldb.com
CVE-2023-0578 | ASOS Book Cites prior 23.01.05 cross site scripting
1 day 13 hours ago
A vulnerability described as problematic has been identified in ASOS Book Cites. The impacted element is an unknown function. Executing a manipulation can lead to cross site scripting.
This vulnerability is tracked as CVE-2023-0578. The attack can be launched remotely. No exploit exists.
Upgrading the affected component is recommended.
vuldb.com
CVE-2023-0577 | ASOS SOBIAD prior 23.02.01 cross site scripting
1 day 13 hours ago
A vulnerability classified as problematic has been found in ASOS SOBIAD. This affects an unknown function. The manipulation leads to cross site scripting.
This vulnerability is listed as CVE-2023-0577. The attack may be initiated remotely. There is no available exploit.
It is recommended to upgrade the affected component.
vuldb.com