Aggregator

A vulnerability was suspected in Linux Kernel up to 5.15.158/6.1.90/6.6.30/6.8.9. This issue appears to be a false-positive. Please verify the sources mentioned and consider not using this entry at all.

EA 在一位 MOD 开发者 Luke "CCHyper" Feenan 帮助下在 GPLv3 许可证下公开了多款《命令与征服》系列游戏的源代码，其中包括：原版《命令与征服》（aka《泰伯利亚黎明》）、《命令与征服：红色警戒》、《命令与征服：叛逆者》、《命令与征服：将军》 及其扩展《零点行动》。EA 还为 Steam 上的《命令与征服》系列加入 Steam Workshop 支持，允许社区的地图创作者创作自定义地图并发布在 Steam 上。EA 还发布了 C&C Modding Support 包，提供了原游戏开发商 Westwood 使用的 SAGE 引擎的 Xml、Schema、Script、Shader 和 Map 文件。

A vulnerability has been found in Online Shop Store 1.0 and classified as problematic. This vulnerability affects unknown code of the file login.php. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-51213. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Axigen Mail Server up to 10.3.3.66/10.4.41/10.5.27/10.5.28 and classified as problematic. This issue affects some unknown processing. The manipulation of the argument themeMode/_h leads to cross site scripting. The identification of this vulnerability is CVE-2024-50601. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in SAP NetWeaver Application Server ABAP up to KRNL64UC 7.53. Affected is an unknown function. The manipulation leads to improper authentication. This vulnerability is traded as CVE-2024-47593. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in SourceCodester Hospital Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /vm/doctor/edit-doc.php. The manipulation of the argument name leads to cross site scripting. This vulnerability is handled as CVE-2024-11102. The attack may be launched remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

A vulnerability was found in NetAdmin IAM system 4.0.30319. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /BalloonSave.ashx. The manipulation of the argument Content leads to cross site scripting. This vulnerability is handled as CVE-2024-51026. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as very critical, has been found in SAP Web Dispatcher up to WEBDISP 7.77. This issue affects some unknown processing. The manipulation leads to incomplete filtering of special elements. The identification of this vulnerability is CVE-2024-47590. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in Mozilla Firefox, Firefox ESR and Thunderbird. This affects an unknown part of the component IonMonkey JIT Compiler. The manipulation as part of Proto Mutation leads to incorrect type conversion. This vulnerability is uniquely identified as CVE-2019-9813. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in gdam123 0.933/0.942. It has been classified as critical. This affects an unknown part. The manipulation of the argument filename leads to memory corruption. This vulnerability is uniquely identified as CVE-2002-1812. The attack needs to be approached locally. Furthermore, there is an exploit available.

Рядовые пользователи даже не подозревают, что их техника работает на хакеров.

过了个年，DeepSeek 火得一塌糊涂。不得不说，DeepSeek 除了卡，是真的好用。这篇文章将使用 DeepSeek 对业内几家知名免费 WAF 产品做出测评。

过了个年，DeepSeek 火得一塌糊涂。不得不说，DeepSeek 除了卡，是真的好用。这篇文章将使用 DeepSeek 对业内几家知名免费 WAF 产品做出测评。

过了个年，DeepSeek 火得一塌糊涂。不得不说，DeepSeek 除了卡，是真的好用。这篇文章将使用 DeepSeek 对业内几家知名免费 WAF 产品做出测评。

过了个年，DeepSeek 火得一塌糊涂。不得不说，DeepSeek 除了卡，是真的好用。这篇文章将使用 DeepSeek 对业内几家知名免费 WAF 产品做出测评。

HackerNews 编译，转载请注明出处： 美国联邦调查局（FBI）将 Bybit 平台的黑客攻击归咎于朝鲜黑客组织 TraderTraitor，随着更多技术细节的曝光，这一事件的来龙去脉逐渐清晰。 Bybit 平台在 2 月 21 日遭受攻击，导致近 15 亿美元的以太坊加密货币被盗。此次攻击迅速被指向朝鲜黑客，尤其是臭名昭著的 Lazarus 组织。 FBI 在周三发布的一份警报中表示，他们自 2022 年以来一直在监控的 TraderTraitor 是此次攻击的幕后黑手。FBI 过去曾指出，TraderTraitor 是 Lazarus 组织的另一个名称，但网络安全行业的部分成员将其描述为专门针对加密货币攻击的 Lazarus 行动。Lazarus 组织还以从事网络间谍活动和破坏性行动而闻名。 FBI 表示：“TraderTraitor 的行动者迅速行动，将部分被盗资产转换为比特币和其他虚拟资产，并分散到多个区块链上的数千个地址。预计这些资产将进一步被清洗，并最终转换为法定货币。” FBI 此前还曾将 TraderTraitor 与从 Bitcoin.DMM.com 盗取 3.08 亿美元加密货币的事件联系起来。该机构已公布了一份朝鲜威胁行为者已知使用的加密货币地址列表。 Bybit 声称自己是全球第二大加密货币交易所（按交易量计算），已启动漏洞赏金计划，以努力追回被盗资金，向成功冻结资金的实体提供追回金额的 5%，并向帮助追踪资金的实体提供 5%。 然而，截至目前，只有 3%（4200 万美元）的被盗加密货币被冻结，这是在黑客攻击曝光后不久被阻止的金额——此后似乎没有其他资金被追回。目前近 9500 万美元被标记为“等待回应”。 Bybit 表示，已向帮助追踪和冻结资金的实体支付了超过 400 万美元的赏金。该公司指出，一些加密货币服务拒绝合作。 Bybit 联合创始人兼首席执行官 Ben Zhou 表示：“我们已指派一个团队来维护和更新这个网站，我们将不会停止，直到 Lazarus 或行业中的恶意行为者被消除。未来，我们还将向其他 Lazarus 的受害者开放这个漏洞赏金平台。” 该加密货币交易所已向客户保证，即使被盗资金无法追回，他们的资产也是有保障的，公司依然具有偿付能力。 Bybit 已聘请 Sygnia 和 Verichains 对此次事件进行调查，这些公司声称已确定了根本原因——攻击涉及来自 Safe{Wallet} 基础设施（特别是 AWS S3 存储桶）的恶意代码，没有迹象表明 Bybit 自己的基础设施被攻破。 Safe{Wallet} 是一个去中心化托管协议和集体资产管理平台，发表声明确认其成为 Lazarus 黑客的目标，黑客攻破了一名 Safe{Wallet} 开发者的机器。该公司指出，其智能合约未受影响，前端及其服务的源代码也未受影响。 根据目前掌握的信息，攻击者似乎在 2 月 19 日将一个恶意的 Safe{Wallet} JavaScript 文件替换为恶意代码，该代码针对 Bybit 的以太坊冷钱包，设计在下一次交易期间激活，这次交易发生在 2 月 21 日。 恶意代码在签名过程中操纵了交易内容，使其看起来像是将资金转移到正确的地址，而实际上资金却转入了黑客控制的地址。 攻击者随后迅速从 Safe{Wallet} JavaScript 文件中移除了恶意代码。 Chainalysis 于周三发布的《2025 年加密货币犯罪报告》显示，根据目前收集到的数据，2024 年用于非法活动的加密货币地址收到了大约 400 亿美元，但预计一旦所有数据被分析，这一金额将增加到 510 亿美元。   消息来源：Security Week；  本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability was found in Octopus Deploy. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Tagset Handler. The manipulation leads to permission issues. This vulnerability is handled as CVE-2022-2258. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Sunshine Photo Cart Plugin up to 3.0.24 on WordPress. This affects an unknown part of the component Invoice Handler. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2024-1294. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability has been found in SKT Page Builder Plugin up to 4.1 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to missing authorization. This vulnerability was named CVE-2024-1337. The attack needs to be done within the local network. There is no exploit available.

A vulnerability was found in Directorist Plugin up to 7.8.4 on WordPress and classified as problematic. This issue affects some unknown processing of the component Setting Handler. The manipulation leads to missing authorization. The identification of this vulnerability is CVE-2024-1322. The attack needs to be initiated within the local network. There is no exploit available.