Aggregator

日本内阁府的生命伦理专门调查会达成基本共识，允许使用人类 iPS 细胞制作受精卵（胚胎）。培养期限定为 14 天以内。在遵守一定规则的前提下允许进行相关研究，这将有助于查明不孕症及遗传性疾病的病因。使用受精卵的传统研究，大多使用在不孕治疗过程中获得的受精卵。如果能够使用 iPS 细胞等轻松获取受精卵，繁殖相关研究有可能取得进展。在使用 iPS 细胞来调查“繁殖”机制的研究领域，日本一直走在世界前列。已经在小鼠实验中成功使用 iPS 细胞制作卵子和精子，并使其受精后培育出后代。在人类身上实现这一点也只是时间问题，因此需要加紧建立相关规则。京都大学教授斋藤通纪的研究团队于 2011～2012 年首次成功利用小鼠的 iPS 细胞制作出卵子和精子，并使其受精后培育出后代。

Submit #621411 / VDB-317585

Clorox is suing IT giant Cognizant, claiming their help desk handed over employee passwords to hackers — no phishing, no malware… just gave them away.

The post “Bleach Wasn’t Strong Enough: Clorox Sues Cognizant After Help Desk Allegedly Gave Away Passwords to Hackers” appeared first on Security Boulevard.

Clorox起诉Cognizant因IT帮助台泄露员工密码给伪装成员工的黑客，导致3.56亿美元损失。Clorox指控Cognizant在未验证身份的情况下多次提供凭据。Cognizant否认指控。

A vulnerability classified as critical has been found in D-Link DIR-513 1.10. This affects the function formSetWanPPTPcallback of the file /goform/formSetWanPPTPpath of the component HTTP POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is uniquely identified as CVE-2025-8169. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in D-Link DIR-513 1.10. It has been rated as critical. Affected by this issue is the function websAspInit of the file /goform/formSetWanPPPoE. The manipulation of the argument curTime leads to buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is handled as CVE-2025-8168. The attack may be launched remotely. Furthermore, there is an exploit available.

Submit #620834 / VDB-317584

CastleLoader, a rapidly evolving loader discovered in 2025, has surged across underground networks by weaponizing Cloudflare-themed “Clickfix” phishing pages and doctored GitHub repositories to compromise Windows hosts. The malware masquerades as benign developer resources, browser updates, or meeting portals, luring unsuspecting users into copying a seemingly innocent PowerShell command that promises to “verify” or “repair” […]

The post New CastleLoader Attack Using Cloudflare-Themed Clickfix Technique to Infect Windows Computers appeared first on Cyber Security News.

Submit #620817 / VDB-317583

Submit #620816 / VDB-317582

A vulnerability was found in code-projects Church Donation System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/edit_members.php. The manipulation of the argument fname leads to cross site scripting. This vulnerability is known as CVE-2025-8167. The attack can be launched remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

A vulnerability was found in code-projects Church Donation System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/index.php of the component HTTP POST Request Handler. The manipulation of the argument Username leads to sql injection. This vulnerability is traded as CVE-2025-8166. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The ToolShell bugs are being exploited by cybercriminals and APT groups alike, with the US on the receiving end of 13 percent of all attacks

Submit #620801 / VDB-289302

A vulnerability was found in code-projects Food Review System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/approve_reservation.php. The manipulation of the argument occasion leads to sql injection. The identification of this vulnerability is CVE-2025-8165. The attack may be initiated remotely. Furthermore, there is an exploit available.

Submit #620742 / VDB-317581

Submit #620736 / VDB-317580

Submit #620631 / VDB-317579

Chennai, India, 25th July 2025, CyberNewsWire

Chennai, India, 25th July 2025, CyberNewsWire

The post xonPlus Launches Real-Time Breach Alerting Platform for Enterprise Credential Exposure appeared first on Security Boulevard.