Aggregator

A vulnerability categorized as problematic has been discovered in ReBB 1.0. This affects an unknown function of the component IMG Tag Handler. Such manipulation leads to basic cross site scripting. This vulnerability is listed as CVE-2002-0413. The attack may be performed from remote. In addition, an exploit is available.

Cybersecurity researchers have discovered two new malicious packages in the Python Package Index (PyPI) repository that are designed to deliver a remote access trojan called SilentSync on Windows systems. "SilentSync is capable of remote command execution, file exfiltration, and screen capturing," Zscaler ThreatLabz's Manisha Ramcharan Prajapati and Satyam Singh said. "SilentSync also extracts

Как библиотека x86-simd-sort осиротела и быстро нашла новую семью.

A newly discovered phishing campaign is exploiting Facebook’s external URL warning feature to dupe users into handing over their login credentials. By abusing Facebook’s “You’re about to leave Facebook” redirect mechanism, attackers can conceal malicious URLs behind the social media giant’s official domain and graphic style—making the lure appear bona fide even to cautious users. […]

The post Hackers Target Facebook Accounts in Latest Phishing Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

AI’s growing role in enterprise environments has heightened the urgency for Chief Information Security Officers (CISOs) to drive effective AI governance. When it comes to any emerging technology, governance is hard – but effective governance is even harder. The first instinct for most organizations is to respond with rigid policies. Write a policy document, circulate a set of restrictions, and

A vulnerability was found in Huawei HarmonyOS 5.0.0 and classified as critical. Affected is an unknown function of the component Print Module. Executing manipulation can lead to improper access controls. This vulnerability is registered as CVE-2025-46593. The attack needs to be launched locally. No exploit is available.

A vulnerability labeled as critical has been found in Huawei HarmonyOS and EMUI. Affected is an unknown function of the component Notepad Module. Executing manipulation can lead to improper privilege management. This vulnerability is handled as CVE-2024-42036. It is possible to launch the attack on the local host. There is not any exploit available.

A vulnerability classified as problematic has been found in Huawei HarmonyOS 5.0.0. This affects an unknown function of the component VPN Module. This manipulation causes denial of service. This vulnerability appears as CVE-2024-51513. The attack requires local access. There is no available exploit.

A vulnerability was found in Huawei HarmonyOS 5.0.0. It has been rated as problematic. This affects an unknown part of the component Image Decoding Module. This manipulation causes denial of service. The identification of this vulnerability is CVE-2024-54107. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability categorized as problematic has been discovered in Huawei HarmonyOS 5.0.0. This vulnerability affects unknown code of the component Image Decoding Module. Such manipulation leads to denial of service. This vulnerability is referenced as CVE-2024-54108. It is possible to launch the attack remotely. No exploit is available.

A vulnerability has been found in RURBAN Cpanel::JSON::XS up to 4.39 on Perl and classified as critical. This vulnerability affects unknown code. This manipulation causes heap-based buffer overflow. This vulnerability is registered as CVE-2025-40929. Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.

A vulnerability, which was classified as problematic, has been found in HPE Aruba Networking ClearPass Policy Manager up to 6.11.12/6.12.5. This impacts an unknown function of the component Web-based Management Interface. The manipulation leads to cross site scripting. This vulnerability is listed as CVE-2025-37122. The attack may be initiated remotely. There is no available exploit.

关键词安全漏洞Jenkins 发布了关键更新，修复了四个安全漏洞，这些漏洞可能被未经认证或低权限的攻击者利用，

关键词恶意软件2025年9月17日，安全研究团队 Point Wild 下属的 Lat61 威胁情报小组披露了

关键词勒索软件德国豪华汽车制造商 宝马集团（BMW Group） 被 Everest 勒索软件组织 在暗网泄露

关键词数据安全随着欧盟推动一项旨在打击儿童性侵内容（CSAM）的立法计划，网络舆论彻底炸锅。

Бум ИИ сделал взлом доступнее.

In the current cycle, Bitcoin has anchored most of the capital inflow. In 2025, 66% of investors selected…

本文提出了一种面向加密流量分类的多实例，通过结合数据包注意力和流注意力双层注意力机制捕捉token级和数据包级特征。

Splunk today unveiled a comprehensive guide designed to empower security teams to detect Remote Employment Fraud (REF) during the critical onboarding phase—when imposters have already passed through HR vetting and background checks and gained network access. Building on the inaugural blog, “Imposters at the Gate: Spotting Remote Employment Fraud Before It Crosses the Wire,” this […]

The post Splunk Publishes Guide to Spot Remote Work Fraud in Organizations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.