Aggregator

Submit #788038 / VDB-358198

今日暂未更新资讯~
更多最新文章，请访问SecWiki

A vulnerability was found in Wavlink WL-WN579A3 220323. It has been classified as problematic. This affects the function sub_401F80 of the file /cgi-bin/login.cgi. This manipulation of the argument Hostname causes cross site scripting. This vulnerability is registered as CVE-2026-6559. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

Submit #788021 / VDB-358197

Submit #785303 / VDB-358196

美军《步兵》《装甲兵》《参数》等刊物2026最新发布的春季刊。

开源软件供应链安全再次拉响警报。近日，安全研究人员发现了一种新型攻击方式。

Attackers abuse QEMU to hide malware in virtual machines, bypass detection, steal data, and deploy ransomware without leaving any trace. Sophos researchers report a rise in attackers abusing QEMU, an open-source emulator, to hide malicious activity inside virtual machines. By running malware in a VM, attackers avoid endpoint security controls and leave minimal traces on […]

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers. [...]

Как эксперименты по всему миру похоронили главную гипотезу устройства Вселенной.

Author, Creator & Presenter: Aaron Brown, Agentic AI Builder, AWS

Our thanks to [un]prompted for publishing their Creators, Authors and Presenter’s outstanding [un]prompted 2026 AI Security Practitioner content on the Organizations' YouTube Channel.

Permalink

The post [un]prompted 2026 – Trajectory-Aware Post-Training Security Agents appeared first on Security Boulevard.

注册于吉尔吉斯斯坦的加密货币交易所 Grinex 宣布暂停运营，它声称遭到敌对国家政府黑客的入侵，被盗走逾 1300 万美元加密货币。攻击针对的目标是该交易所的俄罗斯用户。Grinex 称，攻击的数字痕迹和性质表明，攻击者拥有前所未有的资源和技术，此类资源和技术通常只有敌对国家政府机构才拥有。初步数据表明攻击是经过协调的，旨在直接损害俄罗斯的金融主权。Grinex 被广泛视为是 Garantex 的新名字，Grinex 去年遭到了美国财政部的制裁。区块链研究公司 Elliptic 称，Grinex 与俄罗斯关系密切，是俄罗斯卢布兑换加密资产的最大交易所之一，迄今交易总额逾 60 亿美元。

Hackers are exploiting a 5-year-old ShowDoc vulnerability (CVE-2025-0520) to deploy web shells, enabling RCE and full server takeover worldwide.

Microsoft is warning that a recent Microsoft Edge browser update introduced a bug that breaks right-click paste in chats in the Microsoft Teams desktop client. [...]

大白鲨需要维持自身体温高于周围的海水，但在气候变化导致海洋变暖的时代，它们面临过热风险。鲨鱼属于中温动物（mesothermic），它们能利用代谢产生的热使体温高于周围海水，这具有演化上的优势，它们能拥有更高的游动速度、更强的捕食能力以及能长距离迁徙。然而在温暖的水域它们面临过热的风险，即身体产生热量的速度超过了散热的速度。中温动物在海洋暖化的时代不得不减缓游动速度、改变血液流动方式或潜入更冷的水域，捕食因人类过度捕捞而日益减少的食物。根据研究人员的计算，一吨重的温血鲨鱼难以在水温高于 17 摄氏度的水域生存。

Новый вирус-вымогатель использует виртуальные машины для обхода защиты.

NAKIVO Inc. announced the general availability of NAKIVO Backup & Replication v11.2, focused on fast, reliable, and proactive data protection. [...]