Aggregator

Submit #649316 / VDB-324614

Submit #649315 / VDB-324613

AMD工程师正在解决Linux内核对ACPI C4状态的支持问题，以使搭载AMD处理器的Linux笔记本电脑能够进入更深度的睡眠模式，从而节省电量并延长续航时间。

美国司法部重新判处22岁的Conor Fitzpatrick三年监禁，因其曾担任非法网络犯罪论坛BreachForums的管理员，并持有儿童性虐待材料。该论坛曾涉及大量被盗数据交易。Fitzpatrick此前因轻判引发争议后被上诉推翻。

The U.S. Department of Justice (DoJ) on Tuesday resentenced the former administrator of BreachForums to three years in prison in connection with his role in running the cybercrime forum and possessing child sexual abuse material (CSAM). Conor Brian Fitzpatrick (aka Pompompurin), 22, of Peekskill, New York, pleaded guilty to one count of access device conspiracy, one count of access device

A sophisticated new campaign that represents the first documented real-world deployment of FileFix attacks beyond proof-of-concept demonstrations. This campaign marks a significant evolution in social engineering tactics, combining advanced steganographic techniques with multilayered obfuscation to deliver the StealC information stealer through an innovative attack vector that builds upon the notorious ClickFix methodology. Researchers from Acronis’ […]

The post New FileFix Steganography Campaign Spreads StealC Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

苹果为iPhone 6等旧设备发布安全更新iOS 15.8.5和iPadOS 15.8.5，修复了编号CVE-2025-43300的越界写入漏洞，该漏洞可能导致处理恶意图像时内存损坏。受影响设备包括iPhone 6s、7、SE第一代、iPad Air 2、iPad mini第四代和iPod touch第七代。

苹果为 10 年前的 iPhone 6 释出安全更新 iOS 15.8.5 和 iPadOS 15.8.5，修复了一个正被利用的安全漏洞。编号为 CVE-2025-43300 的漏洞是一个越界写入 bug 导致的，可能导致在处理恶意图像文件时内存损坏(memory corruption)。苹果称它收到了漏洞利用的报告。最新补丁适用于 iPhone 6s（所有型号）、iPhone 7（所有型号）、iPhone SE（第一代）、iPad Air 2、iPad mini（第四代）和 iPod touch（第七代）。

HackerNoon根据页面浏览量、互动和评论排名科技新闻，TechBeat发布于2025年9月17日。

文章探讨了钩子系统在编程中的应用及其优势，特别是在JavaScript、Node.js和WordPress中的实现方式，并强调了其在解耦代码和提升开发效率方面的重要性。

A vulnerability was found in SourceCodester Online Student File Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/delete_user.php. The manipulation of the argument user_id leads to sql injection. This vulnerability is documented as CVE-2025-10595. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability was found in SourceCodester Online Student File Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/delete_student.php. Executing manipulation of the argument stud_id can lead to sql injection. This vulnerability is registered as CVE-2025-10594. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability was found in SourceCodester Online Student File Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/update_student.php. Performing manipulation of the argument stud_id results in sql injection. This vulnerability is cataloged as CVE-2025-10593. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

当前环境异常，请完成验证后继续访问。

当前环境出现异常提示，请完成验证后继续访问。

当前环境出现异常，需完成验证后才能继续访问。

加密货币交易所币安正与美国司法部协商新协议，拟取消由美司法部指定的监察员三年合规监控，并转向外部机构持续监察。此举旨在节省成本并满足监管要求。此前币安因允许美国公民绕过法律进行加密交易支付43亿美元罚款及创始人服刑四个月。

A vulnerability was found in itsourcecode Online Public Access Catalog OPAC 1.0 and classified as critical. This impacts an unknown function of the file mysearch.php of the component POST Parameter Handler. Such manipulation of the argument search_field/search_text leads to sql injection. This vulnerability is listed as CVE-2025-10592. The attack may be performed from remote. In addition, an exploit is available.

Researchers have introduced a new way to study and defend against ICS threats. Their project, called ICSLure, is a honeynet built to closely mimic a real industrial environment. Why traditional honeypots fall short Honeypots are systems designed to attract attackers so that security teams can study their behavior without putting production equipment at risk. Most ICS honeypots today are low interaction, using software to simulate devices like programmable logic controllers (PLCs). These setups are useful … More →

The post How a fake ICS network can reveal real cyberattacks appeared first on Help Net Security.

近日，国家互联网信息办公室发布《国家网络安全事件报告管理办法》。