Safe{Wallet}基础设施被注入恶意代码,Bybit遭供应链攻击损失15亿美元
朝鲜黑客组织自2017年起,被指已盗取价值超过60亿美元的密币资产。
Aggregator
Yak 在 AI 浪潮中应该如何存活?
9 months 2 weeks ago
一些关于AI与Yak的思考
Yak 在 AI 浪潮中应该如何存活?
9 months 2 weeks ago
一些关于AI与Yak的思考
Yak 在 AI 浪潮中应该如何存活?
9 months 2 weeks ago
一些关于AI与Yak的思考
Yak 在 AI 浪潮中应该如何存活?
9 months 2 weeks ago
一些关于AI与Yak的思考
Yak 在 AI 浪潮中应该如何存活?
9 months 2 weeks ago
一些关于AI与Yak的思考
黑客假冒中国台湾税务局传播Winos 4.0恶意软件
9 months 2 weeks ago
攻击具有较高的严重性,采用了多阶段感染过程,最终目的是窃取敏感信息,以用于未来的恶意活动。
Siemens Teamcenter vulnerability could allow account takeover (CVE-2025-23363)
9 months 2 weeks ago
A high-severity vulnerability (CVE-2025-23363) in the Siemens Teamcenter product lifecycle management (PLM) software could allow an attacker to steal users’ valid session data and gain unauthorized access to the vulnerable application. About CVE-2025-23363 Siemens Teamcenter is a suite of applications that is used by businesses to manage the entire lifecycle of a product, from initial concept to design, manufacturing, service, and eventual disposal. CVE-2025-23363 is an open redirect vulnerability in Teamcenter’s single sign-on (SSO) login … More →
The post Siemens Teamcenter vulnerability could allow account takeover (CVE-2025-23363) appeared first on Help Net Security.
Zeljka Zorz
300 Гбит/с против серверов: кто стоит за атаками на российские игры?
9 months 2 weeks ago
StormWall выявил двукратный рост кибератак на развлекательную сферу.
PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices
9 months 2 weeks ago
A new malware campaign has been observed targeting edge devices from Cisco, ASUS, QNAP, and Synology to rope them into a botnet named PolarEdge since at least the end of 2023.
French cybersecurity company Sekoia said it observed the unknown threat actors deploying a backdoor by leveraging CVE-2023-20118 (CVSS score: 6.5), a critical security flaw impacting Cisco Small Business RV016, RV042,
The Hacker News
CVE-2025-1745 | LinZhaoguan pb-cms 2.0 Logout cross-site request forgery (IBMM8V)
9 months 2 weeks ago
A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. This vulnerability affects unknown code of the component Logout. The manipulation leads to cross-site request forgery.
This vulnerability was named CVE-2025-1745. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
AI 赋能,开启数字信任新时代
9 months 2 weeks ago
在数字化进程飞速发展的当下,数字信任已成为社会与经济活动平稳运行的重要基础设施。无论是线上金融交易的资金流转, […]
格尔软件
Trustmi Behavioral AI combats social engineering attacks
9 months 2 weeks ago
Trustmi announced new Behavioral AI, anomaly detection, and risk-scoring capabilities to help enterprise customers combat social engineering attacks on their finance teams, payment systems, suppliers, and processes. The new wave of sophisticated AI-driven social engineering attacks generates highly personalized and convincing messages, making it increasingly difficult for employees and traditional security measures—such as email security—to differentiate between legitimate and malicious communications. These attacks have a singular focus: targeting finance teams and executives with access to … More →
The post Trustmi Behavioral AI combats social engineering attacks appeared first on Help Net Security.
Industry News
Deepseek助力职场办公效能提升课程
9 months 2 weeks ago
Deepseek助力职场办公效能提升课程
2,500 美元漏洞报告-通过未认领的 Node 包进行远程代码执行 (RCE)
9 months 2 weeks ago
2,500 美元漏洞报告-通过未认领的 Node 包进行远程代码执行 (RCE)
Deepseek助力职场办公效能提升课程
9 months 2 weeks ago
Deepseek助力职场办公效能提升课程
2,500 美元漏洞报告-通过未认领的 Node 包进行远程代码执行 (RCE)
9 months 2 weeks ago
2,500 美元漏洞报告-通过未认领的 Node 包进行远程代码执行 (RCE)
Deepseek助力职场办公效能提升课程
9 months 2 weeks ago
Deepseek助力职场办公效能提升课程
2,500 美元漏洞报告-通过未认领的 Node 包进行远程代码执行 (RCE)
9 months 2 weeks ago
2,500 美元漏洞报告-通过未认领的 Node 包进行远程代码执行 (RCE)
Submit #502342: LinZhaoguan pb-cms v2.0 Cross-Site Request Forgery [Accepted]
9 months 2 weeks ago
Submit #502342 / VDB-297832
enenen