Aggregator

A vulnerability categorized as critical has been discovered in reconurge flowsint up to 1.2.2. This vulnerability affects unknown code. Such manipulation leads to improper access controls. This vulnerability is documented as CVE-2026-44352. The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in Advantech SaaS Composer, IoTSuite Growth Linux docker, IoTSuite Starter Linux docker, IoT Edge Linux docker, IoT Edge Windows, WebAccess, SCADA, WebAccess SaaS-Composer and ECOWatch SaaS-Composer. It has been rated as critical. This affects an unknown part. This manipulation causes sql injection. This vulnerability is registered as CVE-2026-6888. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is advised.

A vulnerability was found in warp-tech warpgate up to 0.23.2 on Linux. It has been declared as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument state results in cross-site request forgery. This vulnerability is cataloged as CVE-2026-44347. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in AMD EPYC 9004 Processors, EPYCSeries 4004 Processors, EPYC 8004 Processors, Instinct MI300A Processors, Ryzen Z1 Processors, Ryzen 7040 Mobile Processors with Radeon Graphics, Ryzen 7045 Mobile Processors with Radeon Graphics, Ryzen 9000 Desktop Processors, Ryzen 7000 Desktop Processors, Ryzen 8000 Desktop Processors, EPYC Embedded 9004 Processors, EPYC Embedded 8004 Processors, Ryzen Embedded 8000 Processors and Ryzen Embedded 7000 Processors. It has been classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to protection mechanism failure. This vulnerability is listed as CVE-2024-36315. The attack must be carried out locally. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability was found in smub Charitable Plugin up to 1.8.10.4 on WordPress and classified as critical. Affected is the function edit_others_donations. Executing a manipulation of the argument s can lead to sql injection. This vulnerability is tracked as CVE-2026-7619. The attack can be launched remotely. No exploit exists.

A vulnerability has been found in broadstreetads Broadstreet Plugin up to 1.53.1 on WordPress and classified as critical. This impacts the function create_advertiser of the component AJAX Action Handler. Performing a manipulation results in improper authorization. This vulnerability is identified as CVE-2025-9988. The attack can be initiated remotely. There is not any exploit available.

A vulnerability, which was classified as problematic, was found in broadstreetads Broadstreet Plugin up to 1.53.1 on WordPress. This affects the function get_sponsored_meta. Such manipulation leads to information disclosure. This vulnerability is referenced as CVE-2025-9987. It is possible to launch the attack remotely. No exploit is available.

谷歌公司今天表示，其正在引入更新的文件分享功能，这将使安卓用户向苹果手机用户发送文件变得更容易。快速分享已经在特定安卓设备上与苹果的隔空投送功能兼容，但谷歌表示，该功能将于2026年扩展到三星、OPP

Невидимый сетевой посредник получил слишком много власти над привычным маршрутом.

An employee with persistent, unsupervised admin access across critical systems, with no audit trail, no clear owner, and no regular access reviews, would raise immediate concern in most organizations. Yet non-human identities and AI agents are often granted that same kind of persistent, broadly privileged access. As AI adoption grows, that gap is becoming harder to ignore. NHIs today encompass far more than traditional service accounts and API keys. They also often include AI agents … More →

The post The hidden risk of non-human identities in AI adoption appeared first on Help Net Security.

Meta公司员工周二在美国多个办公室分发传单，抗议公司近期在员工电脑上安装鼠标追踪软件的行为。这些传单出现在Meta公司办公室的会议室、自动售货机以及卫生纸架上方，鼓励员工签署一份反对此举的在线请愿书

«Европа проиграла облачную гонку: Gaia-X и Andromeda не смогли стать альтернативой гигантам.

法国敦促欧盟整治Shein和Temu等平台不合格产品泛滥问题法国希望欧盟对希音和 Temu 等平台采取更有力的行动，理由是这些平台销售 “危险” 的中国商品。在一些平台曝出情趣娃娃丑闻之后，巴黎方面一

Как стартап Panthalassa намерен запустить вычисления в океане без кабелей и розеток.

error code: 1003

酒店集团 BWH Hotels 正在通知部分客人，黑客获取预订数据的时间已超六个月。   BWH 酒店集团在全球运营着 4000 多家酒店，旗下品牌包括世界酒店（WorldHotels）、贝斯特韦斯特酒店及度假村（Best Western Hotels & Resorts）以及舒尔酒店（Sure Hotels）。   发送给受数据泄露影响客户的电子邮件显示，此次入侵于 ...

英国政府将取得英国钢铁公司全部所有权英国首相斯塔默周一表示，英国将取得对英国钢铁公司的全部所有权。去年，政府援引紧急立法接管了这家钢铁厂，此前外界担心其中国所有者敬业集团停止焦炭进口之后正在关停其斯肯

3倍积分奖励！新人现金大奖等你来！