Aggregator

Lynx

Dark Feed IO
1 month 4 weeks ago

You must login to view this content

cohenido

830 Organizations Hacked via Glitch-hosted Phishing Attack Uses Telegram & Fake CAPTCHAs 

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
1 month 4 weeks ago

Netskope Threat Labs reported a staggering 3.32-fold increase in traffic to phishing pages hosted on the Glitch platform, a browser-based web development tool that allows users to create and deploy web apps with free subdomains. This alarming spike has impacted over 830 organizations and more than 3,000 users, with Navy Federal Credit Union members being […]

The post 830 Organizations Hacked via Glitch-hosted Phishing Attack Uses Telegram & Fake CAPTCHAs  appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

Redefining Cyber Value: Why Business Impact Should Lead the Security Conversation

The Hackers News
1 month 4 weeks ago
Security teams face growing demands with more tools, more data, and higher expectations than ever. Boards approve large security budgets, yet still ask the same question: what is the business getting in return? CISOs respond with reports on controls and vulnerability counts – but executives want to understand risk in terms of financial exposure, operational impact, and avoiding loss. The
The Hacker News

Wendelstein 7-X 仿星器创下可控核聚变新纪录

Solidot
1 month 4 weeks ago
Wendelstein7-X(W7-X)实验项目创下了一项新的世界纪录:成功地维持了长等离子体放电三重积长达 43 秒的新峰值。这标志着 W7-X 超越了其他类型的磁约束装置在这方面的表现,也为未来聚变电站的发展提供了重要技术支持。W7-X 实验项目是目前世界规模最大的仿星器装置实验,旨在验证仿星器设计能否达到理论预期的高效性能。在人类追求聚变发电的征途上,仿星器被视为最具潜力的概念之一。它通过融合轻原子核来产生能量,而这一过程需要在等离子体的状态下进行——这是一种被加热至数千万摄氏度的电离气体。仿星器利用复杂的磁场将这种高温等离子体限制在一个环形真空室内,以实现核聚变所需的条件。而三重积,被认为是可控核聚变的一条“及格线”。只有三重积达到一定阈值,核聚变才能自持燃烧,步入实用化阶段。W7-X 与托卡马克装置相比,尽管后者拥有相对简单的结构和广泛的研究基础,在历史上也取得了一定的三重积值,但它们的等离子体持续时间通常仅为几秒钟。而在维持更长等离子体持续时间方面,W7-X 展现出明显的优势。

CVE-2025-4568 | Trol InterMedia 2ClickPortal up to 7.14.2 changes__reference_id sql injection (EUVD-2025-16979)

VulDB Recent Entries
1 month 4 weeks ago
A vulnerability, which was classified as critical, has been found in Trol InterMedia 2ClickPortal up to 7.14.2. Affected by this issue is some unknown functionality. The manipulation of the argument changes__reference_id leads to sql injection. This vulnerability is handled as CVE-2025-4568. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Google Chrome 撤销对中华电信和 Netlock CA 的信任

Solidot
1 month 4 weeks ago
Google 以合规、未兑现改进承诺以及响应披露等问题撤销了对中华电信和匈牙利 Netlock CA 的信任,Chrome 浏览器在 7 月 31 日之后将停止信任中华电信和 Netlock 颁发的证书。跟踪 CA 和证书的研究员 Ryan Hurst 称,在一年多时间里 Netlock 未向数据库 Common CA Database 披露一个中间证书;Netlock 未能撤销一个错误颁发的证书;Netlock 未能按要求每周提供安全事件更新;中华电信推迟撤销一个错误颁发的证书;中华电信错误颁发了 247 个主题域名结构不正确的证书。

Iran-Linked BladedFeline Hits Iraqi and Kurdish Targets with Whisper and Spearal Malware

The Hackers News
1 month 4 weeks ago
An Iran-aligned hacking group has been attributed to a new set of cyber attacks targeting Kurdish and Iraqi government officials in early 2024. The activity is tied to a threat group ESET tracks as BladedFeline, which is assessed with medium confidence to be a sub-cluster within OilRig, a known Iranian nation-state cyber actor. It's said to be active since September 2017, when it targeted
The Hacker News

Managed ad