Aggregator

The value of losses to crypto thefts has soared this year to more than $2 billion over the first six months, the blockchain analytics company Chainalysis found.

Cybersecurity researchers at Seqrite Labs have identified a sophisticated espionage group designated as UNG0002 (Unknown Group 0002) that has been conducting persistent campaigns across multiple Asian jurisdictions since May 2024. The threat actors have demonstrated remarkable adaptability by integrating social engineering techniques with advanced malware deployment methods, specifically targeting organizations in China, Hong Kong, and […]

The post UNG0002 Actors Weaponize LNK Files via ClickFix Fake CAPTCHA Pages appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability classified as critical was found in Linux Kernel up to 6.8.1. Affected by this vulnerability is the function pvr2_context_disconnect in the library lib/dump_stack.c. The manipulation leads to use after free. This vulnerability is known as CVE-2024-26875. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 4.18/5.10.208/5.15.147/6.6.13/6.7.1. It has been rated as problematic. Affected by this issue is the function spectrum_acl_tcam of the component mlxsw. The manipulation leads to denial of service. This vulnerability is handled as CVE-2024-26586. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.2.7. It has been rated as problematic. This issue affects the function kfd_wait_on_events. The manipulation leads to improper initialization. The identification of this vulnerability is CVE-2023-53090. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.15.103/6.1.20/6.2.7. Affected by this vulnerability is the function ext4_get_journal. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2023-53091. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.10.197/5.15.133/6.1.55/6.5.5. Affected by this issue is some unknown functionality of the component pm80xx. The manipulation leads to allocation of resources. This vulnerability is handled as CVE-2023-52500. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.19.1. It has been declared as critical. This vulnerability affects the function setup_base_ctxt of the component hfi1. The manipulation leads to memory leak. This vulnerability was named CVE-2022-50134. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 4.19.266/5.4.224/5.10.155/5.15.79/6.0.9. It has been declared as problematic. Affected by this vulnerability is the function tcm_loop_setup_hba_bus of the component scsi. The manipulation leads to allocation of resources. This vulnerability is known as CVE-2022-49780. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.0.9. Affected by this issue is the function kcm_recvmsg of the component kcm. The manipulation leads to race condition. This vulnerability is handled as CVE-2022-49814. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.0.9 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component bpf. The manipulation leads to uncontrolled recursion. This vulnerability is known as CVE-2022-49764. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Helm up to 3.18.3 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to code injection. This vulnerability is known as CVE-2025-53547. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

葡萄牙波尔图大学与西班牙巴塞罗那超级计算中心合作，采用多种技术分析了人体 46 种组织的样本，包括分析这些组织的基因表达、mRNA（信使核糖核酸）前体的选择性剪接、DNA（脱氧核糖核酸）甲基化和组织学改变等。 研究表明，吸烟会引发全身组织炎症。在人体组织中，吸烟引起的表观遗传变化与已知的衰老机制相似，例如会导致DNA上某些位点的高甲基化等。在吸烟人群中观察到的加速衰老现象与这类高甲基化有关。研究还发现，吸烟导致的表观遗传变化不仅发生在肺部，在胰腺、甲状腺、食管及大脑的某些区域都可以观察到。研究人员表示，这项研究“确定了烟草引起的（人体组织）分子层面变化，某些变化在戒烟后是不可逆的，特别是那些与衰老机制重叠的特征”。

The UK’s Co-op retailer has disclosed that all 6.5 million of its members had their personal data stolen during a devastating cyberattack in April 2024. Chief Executive Shirine Khoury-Haq confirmed the full extent of the breach in her first public interview since the incident, expressing her devastation over the attack’s impact on both members and […]

The post UK’s Co-op Retailer Hit by Cyberattack, 6.5 Million Members’ Data Exposed appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Механизм, который обещал спасение, сам оказался троянским конём.

An international operation coordinated by Europol has disrupted the infrastructure of a pro-Russian hacktivist group known as NoName057(16) that has been linked to a string of distributed denial-of-service (DDoS) attacks against Ukraine and its allies. The actions have led to the dismantling of a major part of the group's central server infrastructure and more than 100 systems across the world.

在西方的电动汽车市场，特斯拉仍然拥有领先优势。但在中国市场，它的领先优势不那么明显，或者根本不存在。以前中国电动汽车制造商相对于特斯拉的优势主要是价格，但过去几个月比亚迪在自动驾驶和电池技术上接近甚至超越了特斯拉。而同一时间特斯拉 CEO 马斯克（Elon Musk）则深度参与了特朗普政府的活动，之后不欢而散，宣布辞去政府职位重新专注于特斯拉。比亚迪去年的汽车总销量达到了 427 万辆，几乎是 2020 年的 10 倍，其中纯电汽车销量 176 万辆。特斯拉则在过去四年销量从不到 50 万辆增加到 179 万辆。随着比亚迪海外扩张的加快，该公司有望在 2025 年超过特斯拉成为最大的电动汽车制造商。Gigacasting 曾是特斯拉在 2021 年率先采用的技术，但到了 2023 年小鹏汽车推出 G6 SUV 时它采用的 Gigacasting 已经超过了特斯拉。今年前六个月特斯拉在中国的销量下滑了 5%，分析师认为这与马斯克的政治活动无关。特斯拉在中国面临的重大挑战之一是中国的监管政策限制其将收集的数据传输给美国，而美国当局也不允许它在中国进行训练，结果是中国版本的辅助驾驶系统 FSD 性能较差。

United Natural Foods Projects (UNFI) expects a $350–$400M sales hit from a June cyberattack, with $50–$60M in net income impact. United Natural Foods, Inc. (UNFI), the main distributor for Amazon’s Whole Foods, said the June 2025 cyberattack will slash its fiscal 2025 sales by $350 to $400 million. United Natural Foods, Inc. (UNFI) is a Providence, Rhode […]

A vulnerability has been found in Oracle Universal Work Queue up to 12.2.14 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Work Provider Administration. The manipulation leads to improper authorization. This vulnerability is known as CVE-2025-50105. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Oracle JDBC up to 23.8. Affected is an unknown function. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2025-50070. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.