Aggregator

A vulnerability, which was classified as problematic, has been found in amoyjs amoy common 1.0.10. Affected by this issue is the function setValue. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). This vulnerability is handled as CVE-2024-39003. The attack needs to be done within the local network. There is no exploit available.

A vulnerability classified as critical was found in Online Clinic Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /success/editp.php?action=edit. The manipulation of the argument ID leads to sql injection. This vulnerability is known as CVE-2024-48597. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Mitel MiCollab up to 9.8.0.33. Affected is an unknown function of the component NuPoint Messenger. The manipulation leads to sql injection. This vulnerability is traded as CVE-2024-35286. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability has been found in Mitel MiCollab up to 9.8.1.5 and classified as critical. Affected by this vulnerability is an unknown functionality of the component NuPoint Messenger. The manipulation leads to execution with unnecessary privileges. This vulnerability is known as CVE-2024-35287. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Mitel MiCollab up to 9.8.1.201. It has been declared as critical. This vulnerability affects unknown code of the component Conferencing Component. The manipulation leads to improper access controls. This vulnerability was named CVE-2024-47912. The attack can be initiated remotely. There is no exploit available.

A vulnerability has been found in Vilo Mesh WiFi System up to 5.16.1.33 and classified as critical. This vulnerability affects unknown code of the component TCP Service Port 5432. The manipulation leads to missing authentication. This vulnerability was named CVE-2024-40087. The attack can be initiated remotely. There is no exploit available. It is recommended to apply restrictive firewalling.

A vulnerability was found in Vilo Mesh WiFi System up to 5.16.1.33. It has been classified as critical. Affected is an unknown function of the component Boa Webserver. The manipulation leads to buffer overflow. This vulnerability is traded as CVE-2024-40084. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Mitel MiCollab up to 9.8.1.201. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component AWV. The manipulation leads to sql injection. This vulnerability is known as CVE-2024-47223. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as critical was found in Vilo Mesh WiFi System up to 5.16.1.33. This vulnerability affects unknown code of the component Boa Webserver. The manipulation leads to path traversal. This vulnerability was named CVE-2024-40088. The attack can be initiated remotely. There is no exploit available.

A vulnerability has been found in parisneo lollms-webui up to 9.8 and classified as problematic. This vulnerability affects the function lollms_binding_infos. The manipulation of the argument client_id leads to cross-site request forgery. This vulnerability was named CVE-2024-6040. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Microsoft Windows. It has been classified as critical. This affects an unknown part of the component Clipboard Virtual Channel Extension. The manipulation leads to sensitive data storage in improperly locked memory. This vulnerability is uniquely identified as CVE-2024-38131. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Mitel MiCollab up to 9.8.0.33. It has been rated as critical. This issue affects some unknown processing of the component NuPoint Messenger. The manipulation leads to command injection. The identification of this vulnerability is CVE-2024-35285. The attack may be initiated remotely. There is no exploit available.

A sophisticated SEO poisoning campaign targeting system administrators with malicious backdoor malware. Arctic Wolf security researchers have uncovered a dangerous search engine optimization (SEO) poisoning and malvertising campaign that has been targeting IT professionals since early June 2025. The campaign uses fake websites hosting Trojanized versions of popular IT tools, specifically PuTTY and WinSCP, to […]

The post Weaponized Versions of PuTTY and WinSCP Attacking IT Admins Via Search Results appeared first on Cyber Security News.

ISC Stormcast播客于2025年7月8日发布，值班处理员为Xavier Mertens，当前威胁级别为绿色。即将于7月14日至19日在华盛顿举办“应用安全：保护Web应用、API和微服务”课程。

文章指出软件供应链安全已成为关键问题，并分析了开源大模型、智能网联汽车等新兴领域的风险。

文章描述了一个错误代码521的情况，通常由Cloudflare引发，表明Web服务器无法处理请求。这可能是由于服务器过载或配置问题导致的。

HackerNews 编译，转载请注明出处： 网络安全研究人员监测到针对员工登录凭证的身份驱动型网络攻击激增。eSentire威胁响应部门（TRU）最新报告显示：2024年至2025年一季度期间，该机构处理的1.9万起身份相关安全事件同比激增156%，此类威胁在其服务的2000余家企业中占比高达59%。 钓鱼即服务（PhaaS）推动凭证窃取 Tycoon 2FA平台成为主要推手：该钓鱼即服务平台通过提供中间人攻击（AitM）能力绕过双因素认证（2FA），已超越EvilProxy等竞品成为2025年1-5月最活跃攻击工具。攻击者以月租200-300美元（约合人民币1450-2170元）获取以下服务： 伪装成可信来源的邮件模板 突破MFA防护的中间人攻击模块 反调试与规避检测工具 内置凭证窃取功能 客户支持及定期更新 攻击者利用该平台实施商业邮件欺诈（BEC）：主要针对应收账款部门员工，窃取其凭证后篡改支付路径，将企业资金转入攻击者控制账户。 信息窃取器提供低成本替代方案 攻击者通过Lumma窃密程序等工具批量获取凭证：地下市场中单份窃密日志仅售10美元（约合人民币72元），每份日志可能包含数十项高价值数据： 邮箱/银行服务登录凭据 密码管理器数据库 加密钱包及浏览器扩展数据 VPN/FTP客户端及本地文件 该窃密程序自2022年活跃至今，其内置自动化过滤机制可快速识别高价值数据，大幅缩短凭证利用周期，并通过”Russian Market”等黑市加速销赃。 凭证窃取呈现高回报特性 据FBI统计：2013年至今全球累计发生超30万起商业邮件欺诈案件，造成550亿美元（约合人民币3980亿元）损失。2025年第一季度，信息窃取器占eSentire阻断恶意软件的35%，身份攻击的经济回报率已超越传统漏洞利用。 防御建议 eSentire TRU预测此类威胁将持续蔓延，呼吁企业采取三项核心措施：部署钓鱼攻击免疫的身份验证技术、实施零信任架构、建立实时访问监控机制。       消息来源： infosecurity-magazine； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

微软改进Microsoft Edge浏览器性能,首次内容绘制时间压缩至300毫秒以内,优化浏览器启动时功能元素渲染速度,提升用户体验,但不影响网页加载速度。

Угроза VPN, Tor и закрытым мессенджерам уже в стратегии ЕС.

臭名昭著的Atomic macOS Stealer（AMOS）恶意软件升级后植入后门模块，使攻击者能长期控制Mac设备。该恶意软件通过破解网站和钓鱼攻击传播，在全球120多个国家活跃。专家建议用户安装反恶意软件、警惕社交工程并减少数字足迹以降低风险。