Aggregator

A vulnerability labeled as critical has been found in Mautic up to 4.4.16/5.2.7/6.0.4. The impacted element is an unknown function of the component SummaryUsers. Executing manipulation can lead to server-side request forgery. This vulnerability appears as CVE-2025-9821. The attack may be performed from remote. There is no available exploit. The affected component should be upgraded. If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Google has shipped security updates to address 120 security flaws in its Android operating system as part of its monthly fixes for September 2025, including two issues that it said have been exploited in targeted attacks. The vulnerabilities are listed below - CVE-2025-38352 (CVSS score: 7.4) - A privilege escalation flaw in the Linux Kernel component  CVE-2025-48543 (CVSS score: N/A) - A

有点神秘

360人，肩负使命，始终昂扬！

当前环境出现异常，请完成验证后继续访问。

关键词网络攻击英国汽车制造商 Jaguar Land Rover（JLR）近日确认，其生产活动因一起网络攻击而

关键词cloud flareCloudflare 近日确认，其客户支持数据在一次涉及 Salesforce 集

关键词安全漏洞本周，针对 Microsoft IIS Web Deploy（msdeploy）的关键远程代码执

关键词网络攻击近日，网络安全企业Cloudflare披露成功抵御了一起创纪录的超大规模分布式拒绝服务（DDoS

A vulnerability was found in Apache Ambari up to 2.7.8. It has been declared as critical. This affects an unknown function of the component Ambari Metrics/AMS Alerts. The manipulation results in failure to sanitize special elements into a different plane (special element injection). This vulnerability is reported as CVE-2024-51941. The attack can be launched remotely. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in mikecao flight up to 1.1.10. This affects an unknown function of the component HTTP Request Handler. The manipulation results in allocation of resources. This vulnerability was named CVE-2014-125127. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is advised.

A vulnerability, which was classified as critical, has been found in Akinsoft MyRezzta up to 2.05.0. This impacts an unknown function. This manipulation causes authorization bypass. The identification of this vulnerability is CVE-2024-13063. It is possible to initiate the attack remotely. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability categorized as problematic has been discovered in Akinsoft MyRezzta up to 2.05.00. Impacted is an unknown function. Such manipulation leads to improper restriction of excessive authentication attempts. This vulnerability is documented as CVE-2025-2415. The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability identified as problematic has been detected in Akinsoft MyRezzta up to 2.05.00. The affected element is an unknown function. Performing manipulation results in cross site scripting. This vulnerability is reported as CVE-2024-13064. The attack is possible to be carried out remotely. No exploit exists. You should upgrade the affected component.

The BC-SECURITY team has released a major update to its flagship offensive security framework, Empire, introducing enhanced agent capabilities and comprehensive API support designed to streamline post-exploitation operations and adversary emulation for Red Teams and penetration testers worldwide. Enhanced Features Drive Advanced Operations Empire’s latest iteration showcases a server/client architecture engineered for multiplayer support, enabling distributed teams to […]

The post Empire Red Teaming Tool Updated With Enhanced Agents and API Support appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researcher Jeremiah Fowler discovered an unsecured and misconfigured server exposing 378 GB of internal Navy Federal Credit…

Cloudflare has notified customers that hackers may have accessed their data as part of the Salesloft Drift campaign

派拉蒙和动视联手制作《使命召唤》游戏的真人版电影。派拉蒙还承诺，对待《使命召唤》电影版就像对待《壮志凌云：独行侠（Top Gun: Maverick）》。《壮志凌云：独行侠》是派拉蒙影业历史上最卖座的电影。派拉蒙董事长兼 CEO David Ellison 称他是游戏的忠实粉丝，表示将致力于确保真人版电影能达到最高标准。

Антимонопольное дело закончилось сеансом групповой терапии.

远程和混合工作模式增加了影子IT的风险，员工使用个人设备或未授权应用可能导致数据泄露或安全问题。便携式存储设备如USB和外部硬盘因高效便捷常被滥用。解决方法包括采用加密设备、限制端口接入、实时监控和员工培训，以平衡安全性和实用性，并培养安全文化。