Aggregator
Срочно обновите 7-Zip! Две критические уязвимости открывают хакерам прямой путь к вашей системе
CVE-2025-52630 | HCL AION 2.0 information disclosure (KB0124444)
CVE-2025-52624 | HCL AION 2.0 Content-Security-Policy Header protection mechanism (KB0124444 / EUVD-2025-33699)
CVE-2025-52625 | HCL AION 2.0 Cacheable SSL Page web browser cache containing sensitive information (KB0124444)
CVE-2025-37727 | Elastic Elasticsearch up to 7.17.29/8.18.7/8.19.4/9.0.7/9.1.4 Reindex API log file (EUVD-2025-33703 / Nessus ID 269983)
CVE-2025-61862 | Fuji Electric V-SFT up to 6.2.7.0 V-SFT File Parser get_ovlp_element_size out-of-bounds
CVE-2025-61861 | Fuji Electric V-SFT up to 6.2.7.0 V-SFT File Parser load_link_inf out-of-bounds
Meer energiezekerheid en voortzettingsvermogen bij duurzaamheidsaanpak Defensie
CVE-2025-61860 | Fuji Electric V-SFT up to 6.2.7.0 V-SFT File Parser set_temp_type_default out-of-bounds
CVE-2025-61859 | Fuji Electric V-SFT up to 6.2.7.0 V-SFT File Parser is_motion_tween out-of-bounds write
CVE-2025-61858 | Fuji Electric V-SFT up to 6.2.7.0 V-SFT File Parser set_AnimationItem out-of-bounds write
Multimodal AI, A Whole New Social Engineering Playground for Hackers
Multimodal AI delivers context-rich automation but also multiplies cyber risk. Hidden prompts, poisoned pixels, and cross-modal exploits can corrupt entire pipelines. Discover how attackers manipulate multimodal inputs—and the governance, testing, and incident response strategies CISOs need to stay ahead.
The post Multimodal AI, A Whole New Social Engineering Playground for Hackers appeared first on Security Boulevard.
Multimodal AI, A Whole New Social Engineering Playground for Hackers
CVE-2025-61857 | Fuji Electric V-SFT up to 6.2.7.0 V-SFT File Parser WinFontDynStrCheck out-of-bounds write
CVE-2025-61856 | Fuji Electric V-SFT up to 6.2.7.0 V-SFT File Parser WriteV7DataToRom stack-based overflow (EUVD-2025-33701)
Google Launches AI Bug Bounty with $30,000 Top Reward
Critical GitHub Copilot Vulnerability Let Attackers Exfiltrate Source Code From Private Repos
A critical vulnerability in GitHub Copilot Chat, rated 9.6 on the CVSS scale, could have allowed attackers to exfiltrate source code and secrets from private repositories silently. The exploit combined a novel prompt injection technique with a clever bypass of GitHub’s Content Security Policy (CSP), granting the attacker significant control over a victim’s Copilot instance, […]
The post Critical GitHub Copilot Vulnerability Let Attackers Exfiltrate Source Code From Private Repos appeared first on Cyber Security News.
Поздравляем, YouTube дарит вам “второй шанс” — заблокированные авторы смогут вернуться и начать всё с нуля
Autonomous AI Hacking and the Future of Cybersecurity
AI agents are now hacking computers. They’re getting better at all phases of cyberattacks, faster than most of us expected. They can chain together different aspects of a cyber operation, and hack autonomously, at computer speeds and scale. This is going to change everything.
Over the summer, hackers proved the concept, industry institutionalized it, and criminals operationalized it. In June, AI company XBOW took the top spot on HackerOne’s US leaderboard after submitting over 1,000 new vulnerabilities in just a few months. In August, the seven teams competing in DARPA’s AI Cyber Challenge ...
The post Autonomous AI Hacking and the Future of Cybersecurity appeared first on Security Boulevard.