Aggregator

CVE-2026-4623 | DefaultFuction Jeson-Customer-Relationship-Management-System up to 1b4679c4d06b90d31dd521c2b000bfdec5a36e00 API Module /api/System.php url server-side request forgery (EUVD-2026-14696)

Vuldb Updates
8 hours 34 minutes ago
A vulnerability has been found in DefaultFuction Jeson-Customer-Relationship-Management-System up to 1b4679c4d06b90d31dd521c2b000bfdec5a36e00 and classified as critical. This affects an unknown function of the file /api/System.php of the component API Module. The manipulation of the argument url leads to server-side request forgery. This vulnerability is documented as CVE-2026-4623. The attack can be initiated remotely. Additionally, an exploit exists. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. It is suggested to install a patch to address this issue.
vuldb.com

CVE-2026-4624 | SourceCodester Online Library Management System 1.0 Parameter /home.php searchField sql injection (EUVD-2026-14698)

Vuldb Updates
8 hours 34 minutes ago
A vulnerability classified as critical has been found in SourceCodester Online Library Management System 1.0. The impacted element is an unknown function of the file /home.php of the component Parameter Handler. Performing a manipulation of the argument searchField results in sql injection. This vulnerability is identified as CVE-2026-4624. The attack can be initiated remotely. Additionally, an exploit exists.
vuldb.com

CVE-2026-33307 | airtower-luna mod_gnutls up to 0.12.2 on Apache gnutls_x509_crt_init x509[] stack-based overflow (EUVD-2026-14692)

Vuldb Updates
8 hours 34 minutes ago
A vulnerability was found in airtower-luna mod_gnutls up to 0.12.2 on Apache and classified as critical. This impacts the function gnutls_x509_crt_init. Executing a manipulation of the argument x509[] can lead to stack-based buffer overflow. This vulnerability is handled as CVE-2026-33307. The attack can be executed remotely. There is not any exploit available. It is suggested to upgrade the affected component.
vuldb.com

511,000+ End-of-Life Microsoft IIS Instances Exposed Online, Secure Now!

Cyber Security News
8 hours 39 minutes ago

A massive attack surface involving outdated Microsoft Internet Information Services (IIS) servers. During Shadowserver’s daily network scans on March 23, 2026, researchers identified over 511,000 End-of-Life (EOL) IIS instances actively connected to the internet. This widespread exposure presents a serious security risk for organizations worldwide, as these obsolete servers no longer receive standard security patches. […]

The post 511,000+ End-of-Life Microsoft IIS Instances Exposed Online, Secure Now! appeared first on Cyber Security News.

Abinaya

Weekly Update 496

不安全
8 hours 42 minutes ago
好的,我现在要帮用户总结这篇文章的内容,控制在100字以内。首先,我需要仔细阅读文章,理解其主要观点。 文章开头提到OpenClaw的表现,将其比作第一架飞机飞行,虽然摇摇晃晃,但潜力巨大。接着讨论了AGI(人工通用智能)可能带来的变革,并指出尽管有人夸大其词,但作者已经找到一些有用的应用,并计划在下周的视频中详细讨论。 接下来,我需要提取关键信息:OpenClaw、AGI潜力、技术初期的不稳定、作者的应用发现以及未来的视频计划。然后将这些点浓缩成一句话,确保不超过100字。 可能的结构是:描述OpenClaw的潜力和现状,提到AGI的影响,以及作者的应用和计划。这样既全面又简洁。 最后检查字数,确保符合要求,并且表达清晰。 文章描述了OpenClaw的潜力及其对AGI(人工通用智能)未来发展的可能性,并指出尽管当前技术尚不成熟,但已发现其在实际应用中的价值。

Weekly Update 496

Troy Hunt
8 hours 42 minutes ago

Watching OpenClaw do its thing must be like watching the first plane take flight. It's a bit rickety and stuck together with a lot of sticky tape, but squint and you can see the potential for agentic AI to change the world as we know it. And I

Troy Hunt

CVE-2018-25032 | Oracle Communications Diameter Signaling Router 8.6.0.0 Platform denial of service (EUVD-2022-1454 / Nessus ID 236737)

Vuldb Updates
8 hours 49 minutes ago
A vulnerability was found in Oracle Communications Diameter Signaling Router 8.6.0.0. It has been rated as critical. The impacted element is an unknown function of the component Platform. Performing a manipulation results in denial of service. This vulnerability is cataloged as CVE-2018-25032. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2018-25032 | Oracle Communications Session Border Controller 8.4/9.0/9.1 System denial of service (EUVD-2022-1454 / Nessus ID 236737)

Vuldb Updates
8 hours 49 minutes ago
A vulnerability classified as critical was found in Oracle Communications Session Border Controller 8.4/9.0/9.1. This vulnerability affects unknown code of the component System. Executing a manipulation can lead to denial of service. This vulnerability is handled as CVE-2018-25032. The attack can be executed remotely. There is not any exploit available.
vuldb.com

CVE-2018-25032 | Oracle Outside In Technology 8.5.6 Outside In Filters denial of service (EUVD-2022-1454 / Nessus ID 236737)

Vuldb Updates
8 hours 49 minutes ago
A vulnerability was found in Oracle Outside In Technology 8.5.6. It has been declared as critical. Impacted is an unknown function of the component Outside In Filters. Executing a manipulation can lead to denial of service. This vulnerability is handled as CVE-2018-25032. The attack can be executed remotely. There is not any exploit available.
vuldb.com

CVE-2018-25032 | Oracle Communications Cloud Native Core Security Edge Protection Proxy Installer denial of service (EUVD-2022-1454 / Nessus ID 215308)

Vuldb Updates
8 hours 49 minutes ago
A vulnerability, which was classified as critical, was found in Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.1. This affects an unknown part of the component Installer. Executing a manipulation can lead to denial of service. The identification of this vulnerability is CVE-2018-25032. The attack may be launched remotely. There is no exploit available.
vuldb.com

拉瓜迪亚机场在致命碰撞事故后重新开放

不安全
8 hours 58 minutes ago
好的,我现在要帮用户总结一下这篇文章的内容。首先,我需要仔细阅读文章,理解发生了什么事情。文章讲的是美国纽约市拉瓜迪亚机场发生了一起跑道相撞事故,一架客机与紧急救援车辆相撞,导致两名飞行员丧生,还有数十人受伤。机场在周一重新开放了。 接下来,我需要提取关键信息:时间、地点、事故双方、伤亡情况以及后续处理。时间是周日午夜,地点是拉瓜迪亚机场,事故涉及加拿大快运航空的客机和一辆消防车。伤亡情况是两名飞行员遇难,41人受伤住院。此外,飞机是由Jazz Aviation代表加拿大航空运营的AC8646航班,在进入跑道时就撞上了消防车,导致车辆翻覆和飞机起火。 现在我要把这些信息浓缩到100字以内。首先确定主要事件:跑道相撞事故导致两名飞行员死亡和多人受伤。然后补充细节:发生在周日午夜,客机来自蒙特利尔的加拿大快运航空,撞上消防车后引发火花、浓烟和碎片。最后提到机场在周一重新开放。 检查是否有遗漏的重要信息:41人受伤住院,包括乘客、机组人员和救援人员;消防车被撞翻;飞机由Jazz Aviation运营。这些细节可以适当简化,以保持简洁。 现在组织语言:确保句子连贯且信息完整。例如,“美国纽约市拉瓜迪亚机场发生跑道相撞事故”开头直接点明事件和地点。“一架加拿大快运航空客机与消防车相撞”说明事故双方。“导致两名飞行员死亡”说明结果。“41人受伤住院”补充伤亡情况。“飞机起火冒烟”描述事故后果。“机场周一重新开放”说明后续处理。 最后检查字数是否在限制内,并确保没有使用“文章内容总结”等开头用语。确认无误后就可以给出总结了。 美国纽约市拉瓜迪亚机场发生跑道相撞事故,一架加拿大快运航空客机与消防车相撞,导致两名飞行员死亡、41人受伤住院。飞机起火冒烟并散落碎片,机场周一重新开放。

[修复方案] OpenClaw升级后微信ClawBot插件崩溃 需彻底清理才能重启

不安全
8 hours 59 minutes ago
好,我需要帮用户总结这篇文章的内容,控制在100字以内。首先,文章讲的是OpenClaw升级到最新版后,微信ClawBot插件崩溃的问题。升级后,插件无法工作,导致机器人崩溃。解决方案是手动清理插件和配置信息,过程比较麻烦。用户可能遇到的问题包括机器人离线、网关服务启动失败、日志报错等。问题根源在于新版本对插件规范的修改,需要微信团队发布新插件来解决兼容性问题。 现在我要把这些要点浓缩成100字以内的总结。首先提到升级导致崩溃,然后解决方案是清理插件和配置,最后说明问题根源和需要微信团队更新插件。 总结一下:OpenClaw升级后微信插件崩溃,需手动清理恢复。问题源于新版本对插件规范的修改,需微信团队更新插件解决。 OpenClaw升级至v2026.3.22后,微信ClawBot插件导致崩溃。需手动清理插件和配置以恢复运行。

新型网络攻击InstallFix曝光:伪装CLI工具安装指令,诱导执行恶意命令

不安全
8 hours 59 minutes ago
嗯,用户让我帮忙总结一篇文章,控制在一百个字以内,而且不需要特定的开头。首先,我需要仔细阅读文章内容,抓住主要信息。 文章讲的是InstallFix这种新型网络攻击手法,攻击者伪造安装页面,诱导用户执行恶意指令。他们克隆了合法工具的页面,比如Claude Code,然后在安装指令中植入恶意程序。这些恶意程序会下载Amatera窃密木马,窃取敏感数据。 攻击者通过谷歌广告推广这些伪造页面,用户搜索安装关键词时容易被误导。此外,恶意网站托管在正规平台上,增加了隐蔽性。建议用户从官方网站获取安装指令,并屏蔽推广结果。 总结的时候要涵盖攻击手法、目标、后果以及防范建议。控制在100字以内,所以需要简洁明了。 现在开始组织语言:InstallFix是一种新型网络攻击手法,攻击者伪造合法CLI工具的安装页面和指令,诱导用户执行恶意代码。这些恶意代码会下载Amatera窃密木马等恶意软件,窃取用户的敏感数据。攻击者通过谷歌广告等途径推广这些伪造页面。建议用户从官方网站获取安装指令,并屏蔽推广结果。 检查一下字数是否合适,并确保信息准确无误。 InstallFix是一种新型网络攻击手法,攻击者伪造合法CLI工具的安装页面和指令,诱导用户执行恶意代码。这些恶意代码会下载Amatera窃密木马等恶意软件,窃取用户的敏感数据。攻击者通过谷歌广告等途径推广这些伪造页面。建议用户从官方网站获取安装指令,并屏蔽推广结果。

新型网络攻击InstallFix曝光:伪装CLI工具安装指令,诱导执行恶意命令

嘶吼
8 hours 59 minutes ago

网络攻击者正在使用一种名为InstallFix的新型社工攻击手法,该手法是ClickFix技术的变种,其以安装合法命令行工具(CLI)为借口,诱骗用户执行恶意指令。 

这种新型攻击手段利用了当下开发者群体中的常见习惯:直接通过curl-to-bash这类命令从网络源下载并执行脚本,而未事先仔细检查内容。 研究人员发现,攻击者借助全新的InstallFix技术,克隆多款主流CLI工具的官方页面,并在页面中投放恶意安装命令。 

当前安全模型“本质上仍停留在‘信任域名’阶段”,且越来越多非技术人员开始使用原本仅面向开发者的工具,这使得InstallFix可能演变为更大规模的安全威胁。

日前,Push Security披露了一个克隆自Anthropic旗下代码助手Claude Code的伪造安装页面。该页面在布局、品牌标识与文档侧边栏等方面,均与官方来源完全一致。

二者的区别仅在于macOS与Windows系统(PowerShell、命令提示符)下的安装指令,伪造指令会从攻击者控制的服务器端下载恶意程序。

合法页面(上)和恶意页面(下)

研究人员指出,除安装指令外,伪造页面上的其余链接均会跳转到Anthropic官方网站。受害者进入页面并按照伪造指令操作后,仍可正常继续后续流程,完全意识不到已遭遇攻击。

攻击者通过谷歌广告中的恶意广告活动推广这些伪造页面,使得在搜索“Claude Code安装”“Claude Code CLI”等关键词时,恶意广告会出现在搜索结果中。

经证实,此类恶意网站仍在通过谷歌搜索的推广链接进行投放。搜索“install claude code”时,第一条结果即为Squarespace域名(claude-code-cmd.squarespace[.]com),页面与Claude Code官方文档几乎完全一致。

谷歌搜索推送虚假的 Claude 安装网站

部署Amatera信息窃取木马

根据分析,InstallFix攻击所投递的载荷为Amatera窃密木马,该恶意软件旨在从受感染设备中窃取加密货币钱包、账号凭证等敏感数据。 

针对macOS的恶意InstallFix命令中,包含经过Base64编码的指令,用于从攻击者控制的域名下载并执行二进制程序。其中一起案例中,攻击者使用的域名为wriconsult[.]com,目前该域名已下线。 

针对Windows用户,恶意命令利用系统合法工具mshta.exe拉取恶意程序,并触发conhost.exe等额外进程,为最终载荷Amatera窃密木马的执行提供支撑。

克隆版 Claude 安装指南(含恶意命令)

Amatera是一款较新的恶意软件家族,基于ACR Stealer开发,以订阅式服务(MaaS,恶意软件即服务)的形式向网络犯罪分子出售。

该恶意软件近期还出现在其他ClickFix攻击活动中,攻击者滥用Windows App-V脚本实现载荷投递。它可窃取浏览器中存储的密码、Cookie与会话令牌,采集系统信息,同时规避安全工具检测。

此类攻击具有较强的隐蔽性,原因之一是恶意站点托管于Cloudflare Pages、Squarespace、EdgeOne等正规平台。

在近期的一次攻击活动中,攻击者同样使用InstallFix技术,伪造托管在GitHub仓库中的OpenClaw安装程序,并通过必应AI增强搜索结果进行推广。

用户如需安装Claude Code,务必从官方网站获取安装指令,屏蔽或跳过谷歌搜索中的所有推广结果,并将常用软件下载入口添加至书签。

胡金鱼

AI Governance in 2026: Why Staying Current Is No Longer Optional for Your Business

不安全
9 hours ago
嗯,用户让我总结这篇文章的内容,控制在100字以内,而且不需要用特定的开头。首先,我得通读一下文章,了解主要观点。 文章讲的是2026年人工智能治理的重要性。企业部署了各种AI工具,但可能没有考虑到法律、财务和声誉上的风险。现在法规正在实施,比如欧盟的AI法案已经开始执行,美国各州也有不同的法律。企业需要进行AI系统的分类和管理,否则会有高额罚款。 接下来,我需要提取关键点:AI治理的现状、法规变化、企业面临的挑战以及应对措施。然后用简洁的语言把这些点整合起来,确保在100字以内。 可能会遇到的问题是如何在有限的字数内涵盖所有重要信息。我需要选择最核心的内容,比如欧盟和美国的法规、企业的应对措施等。 最后,检查一下是否符合用户的要求:中文总结,不使用特定开头,控制在100字以内。 2026年人工智能治理成为企业必选项。全球法规快速实施,欧盟AI法案已生效并将于2026年全面执行;美国各州法律复杂且相互冲突;企业需对AI系统进行风险分类和合规管理。未及时应对将面临高额罚款和声誉损失。

CVE-2018-25032 | Oracle Communications Cloud Native Core Network Function Cloud Native Environment DBTier denial of service (EUVD-2022-1454 / Nessus ID 215308)

Vuldb Updates
9 hours ago
A vulnerability described as critical has been identified in Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0/22.2.0. This impacts an unknown function of the component DBTier. The manipulation results in denial of service. This vulnerability is known as CVE-2018-25032. It is possible to launch the attack remotely. No exploit is available.
vuldb.com

CVE-2018-25032 | Oracle Communications Cloud Native Core Security Edge Protection Proxy SEPP denial of service (EUVD-2022-1454 / Nessus ID 215308)

Vuldb Updates
9 hours ago
A vulnerability, which was classified as critical, has been found in Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.1. Impacted is an unknown function of the component SEPP. The manipulation leads to denial of service. This vulnerability is referenced as CVE-2018-25032. Remote exploitation of the attack is possible. No exploit is available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2018-25032 | Oracle Communications Cloud Native Core Unified Data Repository UDR denial of service (EUVD-2022-1454 / Nessus ID 215308)

Vuldb Updates
9 hours ago
A vulnerability was found in Oracle Communications Cloud Native Core Unified Data Repository 22.2.0. It has been declared as critical. Affected is an unknown function of the component UDR. Executing a manipulation can lead to denial of service. This vulnerability is registered as CVE-2018-25032. It is possible to launch the attack remotely. No exploit is available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2018-25032 | Oracle MySQL Server up to 5.7.38/8.0.29 Compiling denial of service (EUVD-2022-1454 / Nessus ID 215308)

Vuldb Updates
9 hours ago
A vulnerability classified as critical was found in Oracle MySQL Server up to 5.7.38/8.0.29. The impacted element is an unknown function of the component Compiling. Executing a manipulation can lead to denial of service. This vulnerability is tracked as CVE-2018-25032. The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.
vuldb.com

CVE-2018-25032 | Oracle PeopleSoft Enterprise PeopleTools 8.58/8.59 PeopleSoft CDA denial of service (EUVD-2022-1454 / Nessus ID 215308)

Vuldb Updates
9 hours ago
A vulnerability, which was classified as critical, was found in Oracle PeopleSoft Enterprise PeopleTools 8.58/8.59. This issue affects some unknown processing of the component PeopleSoft CDA. Executing a manipulation can lead to denial of service. This vulnerability is tracked as CVE-2018-25032. The attack can be launched remotely. No exploit exists. You should upgrade the affected component.
vuldb.com

Managed ad