Aggregator

小鼠研究显示新疗法能在数小时内清除大脑中与痴呆症相关的斑块

Solidot
3 months 4 weeks ago
根据发表在《Signal Transduction and Targeted Therapy》期刊上的一项研究,小鼠研究显示阿尔茨海默病新疗法能在数小时内清除大脑中的斑块。仅仅三次注射就逆转了小鼠大脑中类似阿尔茨海默病的关键病理特征。在第一次注射数小时后,小鼠大脑中的 β淀粉样蛋白斑块减少了近 45%。出现认知功能下降的小鼠在三次注射后其空间学习和记忆任务表现与健康小鼠相当,并持续了至少六个月。小鼠身上的结果未必能在人类身上复制,但研究作者表示这是一个令人鼓舞的开始,预示着药物研究的一个新时代。这项研究由 Institute for Bioengineering of Catalonia (IBEC)和四川大学华西医院共同完成。研究是基于一项假设:阿尔茨海默病患者大脑中血脑屏障被削弱或受损了,从而导致了废弃物在大脑中堆积。研究人员利用纳米颗粒修复血脑屏障,让β淀粉样蛋白更容易清理出去。

New Phishing Attack Leverages Azure Blob Storage to Impersonate Microsoft

Cyber Security News
3 months 4 weeks ago

Threat actors are leveraging Microsoft Azure Blob Storage to craft highly convincing phishing sites that mimic legitimate Office 365 login portals, putting Microsoft 365 users at severe risk of credential theft. This method exploits trusted Microsoft infrastructure, making the attacks harder to spot as the fraudulent pages appear secured by official SSL certificates issued by […]

The post New Phishing Attack Leverages Azure Blob Storage to Impersonate Microsoft appeared first on Cyber Security News.

Guru Baran

CVE-2025-11940 | LibreWolf up to 143.0.4-1 on Windows Installer assets/setup.nsi uncontrolled search path (EUVD-2025-35003 / CNNVD-202510-2552)

VulDB Recent Entries
3 months 4 weeks ago
A vulnerability was found in LibreWolf up to 143.0.4-1 on Windows and classified as problematic. This affects an unknown function of the file assets/setup.nsi of the component Installer. Such manipulation leads to uncontrolled search path. This vulnerability is listed as CVE-2025-11940. The attack must be carried out locally. There is no available exploit. It is suggested to upgrade the affected component.
vuldb.com

CVE-2025-40002 | Linux Kernel up to 6.17.2 thunderbolt cancel_delayed_work use after free (EUVD-2025-34987 / WID-SEC-2025-2340)

VulDB Recent Entries
3 months 4 weeks ago
A vulnerability has been found in Linux Kernel up to 6.17.2 and classified as critical. The impacted element is the function cancel_delayed_work of the component thunderbolt. This manipulation causes use after free. This vulnerability is tracked as CVE-2025-40002. The attack is only possible within the local network. No exploit exists. The affected component should be upgraded.
vuldb.com

CVE-2025-40001 | Linux Kernel up to 4.19.266 mvsas cancel_delayed_work use after free (EUVD-2025-34988 / WID-SEC-2025-2340)

VulDB Recent Entries
3 months 4 weeks ago
A vulnerability, which was classified as critical, was found in Linux Kernel. The affected element is the function cancel_delayed_work of the component mvsas. The manipulation results in use after free. This vulnerability is identified as CVE-2025-40001. The attack can only be performed from the local network. There is not any exploit available. You should upgrade the affected component.
vuldb.com

CVE-2025-40003 | Linux Kernel up to 4.19.266 ocelot kernel/workqueue.c cancel_delayed_work initialization (EUVD-2025-34986 / WID-SEC-2025-2340)

VulDB Recent Entries
3 months 4 weeks ago
A vulnerability, which was classified as critical, has been found in Linux Kernel. Impacted is the function cancel_delayed_work of the file kernel/workqueue.c of the component ocelot. The manipulation leads to improper initialization. This vulnerability is referenced as CVE-2025-40003. The attack needs to be initiated within the local network. No exploit is available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2025-11939 | ChurchCRM up to 5.18.0 Backup Restore RestoreJob.php restoreFile path traversal (EUVD-2025-35004 / CNNVD-202510-2553)

VulDB Recent Entries
3 months 4 weeks ago
A vulnerability classified as critical was found in ChurchCRM up to 5.18.0. This issue affects some unknown processing of the file src/ChurchCRM/Backup/RestoreJob.php of the component Backup Restore Handler. Executing manipulation of the argument restoreFile can lead to path traversal. The identification of this vulnerability is CVE-2025-11939. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-11938 | ChurchCRM up to 5.18.0 setup/routes/setup.php DB_PASSWORD/ROOT_PATH/URL deserialization (EUVD-2025-35002 / CNNVD-202510-2557)

VulDB Recent Entries
3 months 4 weeks ago
A vulnerability classified as critical has been found in ChurchCRM up to 5.18.0. This vulnerability affects unknown code of the file setup/routes/setup.php. Performing manipulation of the argument DB_PASSWORD/ROOT_PATH/URL results in deserialization. This vulnerability was named CVE-2025-11938. The attack may be initiated remotely. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

Authorities Shut Down Cybercrime-as-a-Service, Seize 40,000 SIM Cards

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
3 months 4 weeks ago

Law enforcement authorities across Europe have dismantled a sophisticated cybercrime-as-a-service operation that enabled criminals to commit widespread fraud and other serious offenses across the continent. The coordinated action, codenamed ‘SIMCARTEL’, resulted in seven arrests, the seizure of over 40,000 active SIM cards, and the takedown of infrastructure that facilitated crimes causing millions of euros in […]

The post Authorities Shut Down Cybercrime-as-a-Service, Seize 40,000 SIM Cards appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Kaaviya

New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs

The Hackers News
3 months 4 weeks ago
Cybersecurity researchers have shed light on a new campaign that has likely targeted the Russian automobile and e-commerce sectors with a previously undocumented .NET malware dubbed CAPI Backdoor. According to Seqrite Labs, the attack chain involves distributing phishing emails containing a ZIP archive as a way to trigger the infection. The cybersecurity company's analysis is based on the ZIP
The Hacker News

Managed ad