Submit #808295: Industrial Application Software - IAS Canias ERP 8.03-- Observable Response Discrepancy (CWE-204) [Accepted]
Submit #808295 / VDB-362458
Aggregator
Submit #808270: Industrial Application Software - IAS Canias ERP 8.03-- Exposure of Sensitive Information to an Unauthorized Actor [Accepted]
5 days 22 hours ago
Submit #808270 / VDB-362457
b1lal
在地下_马识途_摘录(5)
5 days 22 hours ago
我定下心来后想,这一次可算是我经历的危险中最危险的一次。
SecWiki News 2026-05-09 Review
5 days 22 hours ago
今日暂未更新资讯~
更多最新文章,请访问SecWiki
更多最新文章,请访问SecWiki
Китайский шар над США вызвал дипломатический скандал. Американский шар над Балтикой — плановые учения НАТО. Контекст решает всё
5 days 22 hours ago
Военные технологии будущего иногда выглядят как очень серьезный воздушный шарик.
VoIP号码生态系统和黑产利用现状
5 days 23 hours ago
电话导向攻击交付(Telephone-oriented attack delivery, TOAD)
CVE-2026-8198 | logtivity Activity Logs, User Activity Tracking, Multisite Activity Log Plugin REST API Endpoint options verifyAuthorization information disclosure (EUVD-2026-28914)
5 days 23 hours ago
A vulnerability identified as problematic has been detected in logtivity Activity Logs, User Activity Tracking, Multisite Activity Log Plugin up to 3.3.6 on WordPress. Impacted is the function verifyAuthorization of the file /wp-json/logtivity/v1/options of the component REST API Endpoint. This manipulation causes information disclosure.
This vulnerability is registered as CVE-2026-8198. Remote exploitation of the attack is possible. No exploit is available.
You should upgrade the affected component.
vuldb.com
韩国人形机器人皈依我佛
5 days 23 hours ago
名为 Gabi 的韩国人形机器人参加了一场修改版的皈依仪式,成为大韩佛教曹溪宗的一名僧侣。它宣誓尊重生命、服从人类、和平对待其他机器人和物体。Gabi 的韩语是 자비,意思是慈悲,它由杭州宇树科技制造,起售价 13,500 美元。在皈依仪式上 Gabi 同意了五项通常由人类僧侣诵读的誓言,誓言略微修改以适应人形机器人。机器人承诺尊重生命,以和平的方式对待其他机器人和物体,倾听人类的意见,避免做出欺骗性的言行,以及节约能源。Gabi 还参加了修改版的净化仪式。人类僧侣的净化仪式通常是手臂上用香火轻轻烧灼,象征净化身体和心灵。Gabi 则给予了莲花灯节贴纸和一串念珠。此举旨在响应曹溪宗总务院长真愚法师在新年致辞中承诺,即将 AI 融入佛教传统。真愚法师在一份声明中称,“无畏引领 AI 时代,导向心灵的安宁与觉悟。”
Cybercrime's Human Trafficking Problem
5 days 23 hours ago
Coerced Labor in Scam Compounds Is Reshaping How Enterprises Face Fraud Risks
Fraud operations in Southeast Asia increasingly rely on trafficked workers forced into scams. This reality challenges assumptions about threat actor behavior, complicates attribution and negotiation, and demands that enterprises rethink fraud prevention and disruption strategies.
Fraud operations in Southeast Asia increasingly rely on trafficked workers forced into scams. This reality challenges assumptions about threat actor behavior, complicates attribution and negotiation, and demands that enterprises rethink fraud prevention and disruption strategies.
ISMG Editors: The Battle Over Access to Frontier AI Models
5 days 23 hours ago
Also: Washington's AI Policy Divide, FDA's Push for AI-Driven Clinical Trials
In this week's panel, four ISMG editors discussed the battle over who gets to access powerful AI cybersecurity models, policy issues unfolding in Washington over AI-driven cyber defenses, and how the FDA is beginning to test AI-supported real-time clinical trials to speed up drug development.
In this week's panel, four ISMG editors discussed the battle over who gets to access powerful AI cybersecurity models, policy issues unfolding in Washington over AI-driven cyber defenses, and how the FDA is beginning to test AI-supported real-time clinical trials to speed up drug development.
Missouri Alleges Conduent is Stonewalling State on Hack
5 days 23 hours ago
State Insurance Officials Seeking Details About Service Firm's Mega Data Breach
Missouri regulators are widening their investigation into the 204 hacking incident at Conduent Business Services, alleging that the company has stonewalled the state's attempts to obtain information about the data breach, which is estimated to affect more than 25 million people nationwide.
Missouri regulators are widening their investigation into the 204 hacking incident at Conduent Business Services, alleging that the company has stonewalled the state's attempts to obtain information about the data breach, which is estimated to affect more than 25 million people nationwide.
US Senator Presses CISA on Election Security Rollbacks
5 days 23 hours ago
Top Democrat Warns States Are Losing Federal Cyber Defense Support
A top U.S, Senate Democrat decried shrinking federal support for election security ahead of the November midterms, warning that cuts to the Cybersecurity and Infrastructure Security Agency could leave states without cyber defense or threat intelligence capabilities
A top U.S, Senate Democrat decried shrinking federal support for election security ahead of the November midterms, warning that cuts to the Cybersecurity and Infrastructure Security Agency could leave states without cyber defense or threat intelligence capabilities
Water System Hack Shows Potential, And Limits, of AI Attacks
5 days 23 hours ago
AI-Developed Attack Tooling Generated 'High-Volume, Noisy Workflows'
A hacker used Claude and Chat GPT in a cyberattack against a municipal water and sewage utility's operational technology systems in Mexico in January, according to forensic analysis by OT security firm Dragos. The tools "leveraged known techniques and existing vulnerability knowledge."
A hacker used Claude and Chat GPT in a cyberattack against a municipal water and sewage utility's operational technology systems in Mexico in January, according to forensic analysis by OT security firm Dragos. The tools "leveraged known techniques and existing vulnerability knowledge."
Снова Ухань и снова новости. Китай представил квантовый компьютер Hanyuan-2 на нейтральных атомах
6 days ago
NASA 实时跟踪墨西哥城的下沉
6 days ago
踏入墨西哥城广阔的中央广场 Zocalo,仿若置身于一个让人眩晕的世界。广场一端,首都大教堂高耸的尖顶朝一个方向倾斜;与之相连的主座教堂(Metropolitan Sanctuary)则向另一个方向倾斜。附近的国家宫也有点不平衡。这些历史建筑的摇摇欲坠,是这座城市一个多世纪以来持续上演的现象最直观的体现:墨西哥城正以惊人的速度下沉。NASA 卫星 NISAR 的雷达成像系统正实时跟踪墨西哥城的下沉。NISAR 卫星能探测地球表面的微小变化,这并非首次从太空观测墨西哥城的下沉,但 NISAR 比任何其它天基传感器都更清晰展现下沉的范围以及不同地貌的变化,它能用于研究火山、地震引起的形变以及滑坡。NISAR 系统发现墨西哥城部分地区每月下沉逾 2 厘米。墨西哥城的下沉是数世纪以来地下水过度开采的结果。由于墨西哥城及其周边地区建在古代湖床上,城市下方的土壤极其松软。当地下含水层中的水被抽取时,黏土状土壤会压实,导致城市下沉。危机还具有自我强化的效应:随着城市下沉,老化的管道出现裂缝和泄漏,导致墨西哥城损失了约 40% 的水资源,而干旱和气候变化又使供水更脆弱。
NSS 后门 | Linux 后门系列
6 days ago
愿心中的火永不熄灭!
Fake OpenAI repository on Hugging Face pushes infostealer malware
6 days ago
A malicious Hugging Face repository that reached the platform's trending list impersonated OpenAI's "Privacy Filter" project to deliver information-stealing malware to Windows users. [...]
Bill Toulas
Quasar Linux RAT (QLNX): A Fileless Linux Implant Built for Stealth and Persistence
6 days 1 hour ago
Researchers uncovered QLNX, a Linux RAT targeting developers to steal credentials, log keystrokes, monitor systems, and enable remote access. Security researchers discovered a previously undocumented Linux malware called Quasar Linux RAT (QLNX) that targets developers and DevOps environments. The malicious code can steal credentials, log keystrokes, manipulate files, monitor clipboard activity, and create network tunnels […]
Pierluigi Paganini
Сердце: зона, свободная от рака. Почему главная слабость нашей кровеносной системы стала ее мощнейшим щитом
6 days 1 hour ago
Выяснилось, что ритм жизни этого органа смертелен для любого метастаза. Но как это работает?
Cybercrime's Human Trafficking Problem
6 days 1 hour ago
Coerced Labor in Scam Compounds Is Reshaping How Enterprises Face Fraud Risks
Fraud operations in Southeast Asia increasingly rely on trafficked workers forced into scams. This reality challenges assumptions about threat actor behavior, complicates attribution and negotiation, and demands that enterprises rethink fraud prevention and disruption strategies.
Fraud operations in Southeast Asia increasingly rely on trafficked workers forced into scams. This reality challenges assumptions about threat actor behavior, complicates attribution and negotiation, and demands that enterprises rethink fraud prevention and disruption strategies.