Aggregator

知识星球双十二活动一转眼，双十二到了,bugbounty笔记 星球开启2024年度最后一次优惠活动。下面是会员的评价:新用户专享66元门票优惠券，数量发放10张，现在行动，扫描下方二维码，即刻成为我们

访问某VUE站点，发现直接重定向要求从飞书登陆，立马抓包丢掉请求了。imagecopy使用JS替换在本地调试修改尝试绕过image copy 2直接全局搜索跳转到url找到原因， 把这个注释掉并保存，

A threat actor tracked as MUT-1244 has stolen over 390,000 WordPress credentials in a large-scale, year-long campaign targeting other threat actors using a trojanized WordPress credentials checker. [...]

今天给大家介绍一个网站“反帝国主义阵线”。

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

I am writing a book for High School kids titled ‘Mathematics and Bitcoin’.The focus is teaching Math

一说到RAG或者Agent，很多人就会想到LangChan或者LlamaIndex，他们似乎觉得这两个东西是大模型应用开发的标配。但对我来说，我特别讨厌这两个东西。因为这两个东西就

Microsoft has announced that it is currently blocking an astounding 7,000 password attacks every second, nearly double the rate from just a year ago. This surge in cyber threats underscores the urgent need for more robust authentication methods, with passkeys emerging as a promising solution. The tech giant has also reported a 146% year-over-year increase […]

The post “Password Era is Ending,” Microsoft to Delete 1 Billion Passwords appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

极客公园创新大会 2025 第一天圆满收官！（撒花🎉） 今年获得最多的资本支持，投入了最多资源的创业者们，都在忙什么？ 大模型能够在哪些领域最先产生突破？ 人形机器人还有多久能够落到实地？ 自动驾驶大战何时尘埃落定？ 来自不同领域的嘉宾登台极客公园创新大会，和我们分享他们过去一年“敢想敢做”的成果，一起来看看他们的精彩见解！ 明天，来自不同领域的超级个体，过去一年的优秀产品负责人，还将继续登台，分享他们对未来的洞见。 更多精彩，关注极客公园，我们不见不散！

A vulnerability was found in Linux Kernel and classified as problematic. Affected by this issue is the function is_jmp_point of the component bpf. The manipulation leads to incorrect comparison. This vulnerability is handled as CVE-2023-52920. The attack needs to be done within the local network. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Linux Kernel up to 6.7.1. It has been declared as critical. Affected by this vulnerability is the function netdev_priv. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-26596. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

The research identified vulnerabilities in Prometheus, including information disclosure from exposed servers, DoS risks from pprof endpoints, and potential code execution threats, which could lead to data breaches, system outages, and unauthorized access. Vulnerable Prometheus servers are exposed to internet risk exploitation by attackers, which includes a critical “RepoJacking” vulnerability, allowing malicious exporters to be […]

The post Over 300,000 Prometheus Servers Vulnerable to DoS Attacks Due to RepoJacking Exploit appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in shabti Frontend Admin Plugin up to 3.24.5 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-11720. The attack may be initiated remotely. There is no exploit available.