Aggregator

固定某公众号前端加密密钥，从而绕过加密限制。

A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators… Read More »

A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators… Read More »

Following their attacks on Salesforce instances last year, members of the cybercrime group have broadened their targeting and gotten more aggressive with extortion tactics.

A vulnerability marked as problematic has been reported in WP ULike Plugin up to 4.8.3.1 on WordPress. This vulnerability affects the function wp_ulike_delete_history_api. This manipulation of the argument ID causes improper control of resource identifiers. This vulnerability appears as CVE-2026-0909. The attack may be initiated remotely. There is no available exploit.

A vulnerability labeled as critical has been found in Qualcomm Snapdragon Auto, Snapdragon CCW, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wearables. This affects an unknown part. The manipulation results in use after free. This vulnerability is reported as CVE-2025-47398. The attack requires a local approach. No exploit exists. The affected component should be upgraded.

Теперь каучук растет там, где выживают только верблюды.

NSA released new guidelines to help organizations achieve target-level Zero Trust maturity