Aggregator

Name: THCon 2K26 CTF (an THCon CTF event.)
Date: May 7, 2026, 11 a.m. — 08 May 2026, 11:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://thcon.party/
Rating weight: 34.67
Event organizers: pony7

Currently trending CVE - Hype Score: 5 - ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The ...

Currently trending CVE - Hype Score: 9 - OS Command Injection in Olivetin 2025.4.22 Custom Themes via the ParseRequestURI function in service/internal/executor/arguments.go.

Currently trending CVE - Hype Score: 9 - pyload is an open-source Download Manager written in pure Python. An authenticated user can change the download folder and upload a crafted template to the specified folder lead to remote code execution. There is no fix available at the time of publication.

Currently trending CVE - Hype Score: 1 - Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

Currently trending CVE - Hype Score: 14 - Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Currently trending CVE - Hype Score: 6 - SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability in the password reset API. The force-reset-password endpoint permits anonymous requests and fails to verify the existing password or a reset token when resetting system ...

Currently trending CVE - Hype Score: 6 - In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild.  This issue impacts ...

Poland’s ABW confirmed hackers breached ICS at five water plants, gaining ability to alter equipment settings. Russia-linked APT groups suspected. Poland’s Internal Security Agency (ABW) has published a detailed account of a sustained campaign targeting the country’s water plants, documenting security breaches at five water treatment facilities in 2025. The incidents mark one of the […]

A Virginia man was convicted on federal charges Thursday after a jury found him guilty of deleting 96 government databases and stealing an individual’s password, leading their email account to be accessed without permission.

Threat hunters have flagged a previously undocumented Brazilian banking trojan dubbed TCLBANKER that's capable of targeting 59 banking, fintech, and cryptocurrency platforms. The activity is being tracked by Elastic Security Labs under the moniker REF3076. The malware family is assessed to be a major update of the Maverick family, which is known to leverage a worm called SORVEPOTEL to

Остановить запущенный процесс практически невозможно.