Aggregator

A vulnerability has been found in VMware Avi Load Balancer up to 22.1.5/30.2.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper privilege management. This vulnerability is known as CVE-2024-22264. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Base64 Encoder Decoder Plugin up to 0.9.2 on WordPress. It has been declared as problematic. This vulnerability affects unknown code of the component Setting Handler. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2024-3823. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic was found in Linux Kernel up to 6.8 on AMD. Affected by this vulnerability is an unknown functionality of the component Virtual Interrupt Handler. The manipulation leads to injection. This vulnerability is known as CVE-2024-25742. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in tine 2.0/2.0 2017.02.4/2.0 2017.08.4. This issue affects the function getRegistryData of the file setup.php of the component LDAP Handler. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2024-36070. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in NetEase taurusxin ncmdump 1.3.2. Affected is the function NeteaseCrypt::FixMetadata of the file /src/ncmcrypt.cpp of the component NCM File Handler. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2024-34952. Access to the local network is required for this attack. There is no exploit available.

A vulnerability, which was classified as critical, was found in pdfjs-dist. Affected is an unknown function of the file PDF.js. The manipulation leads to privilege escalation. This vulnerability is traded as CVE-2024-4367. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

OpenAI ChatGPT 的新功能催生出一场吉卜力工作室动画风格图像的生成热潮。OpenAI CEO 奥尔特曼也将 X 平台（原推特）头像换成了吉卜力风格的图像，上传至社交平台（SNS）的此类生成图像层出不穷，但也有人担心这会引发著作权问题。部分美国媒体指出，新功能使得“复制著作权受保护作品的风格变得更加容易”。报道同时指出，知识产权专家认为在法律上这属于“灰色地带”，可能会引发著作权纠纷。

A malevolent mutation of the widely used nginx web server facilitates Adversary-in-the-Middle action, but there’s hope

Как "халявный" интернет становится ловушкой для ваших данных.

A vulnerability classified as problematic was found in Linux Kernel up to 6.7.5. This vulnerability affects the function register_netdevice_notifier of the component hv_netvsc. The manipulation leads to privilege escalation. This vulnerability was named CVE-2024-26820. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.6.17/6.7.5. This issue affects the function algif_hash of the component crypto. The manipulation leads to allocation of resources. The identification of this vulnerability is CVE-2024-26824. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Tenda AC500 2.0.1.9. It has been declared as critical. This vulnerability affects unknown code of the file /goform/setVlanInfo. The manipulation of the argument port leads to buffer overflow. This vulnerability was named CVE-2023-46060. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Sharp Rouvo V. Affected is an unknown function. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2023-38302. The attack needs to be approached locally. There is no exploit available.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.6.17/6.7.5. This affects an unknown part of the component SMB Client. The manipulation of the argument id/uid/cruid leads to privilege escalation. This vulnerability is uniquely identified as CVE-2024-26822. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

HackerNews 编译，转载请注明出处： 网络安全研究人员揭示了一种新型的“钓鱼即服务”（PhaaS）平台。该平台利用域名系统（DNS）中的邮件交换（MX）记录生成虚假登录页面，伪造约114个品牌，以骗取用户凭据。 DNS情报公司Infoblox正在追踪此次活动，并将该钓鱼套件及相关攻击活动命名为Morphing Meerkat（变形猫鼬）。 “该攻击者通常利用广告技术基础设施中的开放重定向漏洞，劫持域名进行钓鱼活动，并通过包括Telegram在内的多种渠道分发窃取的凭据。”Infoblox在与《The Hacker News》分享的报告中表示。 Forcepoint在2024年7月记录了一次利用该PhaaS工具包的攻击活动。攻击者在钓鱼邮件中插入链接，伪装成共享文档。受害者点击链接后会被重定向至Cloudflare R2上的虚假登录页面，输入凭据后信息将通过Telegram传输至攻击者手中。 据估计，Morphing Meerkat已发送了数千封垃圾邮件。为了绕过安全过滤，攻击者主要依赖受感染的WordPress网站以及Google旗下DoubleClick等广告平台的开放重定向漏洞。 此外，该钓鱼套件还支持实时翻译，能够将钓鱼页面的内容动态转换为包括英语、韩语、西班牙语、俄语、德语、中文和日语在内的十多种语言，针对全球用户进行攻击。 钓鱼页面还具备多项反分析措施，例如禁止鼠标右键点击和屏蔽键盘快捷键（如Ctrl + S用于保存网页、Ctrl + U用于查看网页源代码），进一步阻碍安全研究人员的分析。 Morphing Meerkat真正独特之处在于它通过从Cloudflare或Google获取的DNS MX记录识别受害者的邮件服务提供商（如Gmail、Microsoft Outlook或Yahoo!）。随后，它会动态生成相应的虚假登录页面，以增加欺骗的可信度。 如果钓鱼套件无法识别受害者的MX记录，则会默认显示一个伪装成Roundcube的登录页面。 “这种攻击方式为攻击者带来了显著优势，”Infoblox表示。“它使攻击者能够针对特定受害者进行定向攻击，通过与受害者实际使用的邮件服务提供商高度一致的网页内容，提高欺骗成功率。” “整体钓鱼体验显得更加真实，因为登录页面的设计通常与钓鱼邮件中的消息相匹配。这种技术进一步诱骗受害者在钓鱼页面中提交他们的邮箱凭据。” 消息来源：The Hacker News；  本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文

Cloudflare has contributed to the open-sourcing of OPKSSH, a tool that integrates single sign-on (SSO) technologies like OpenID Connect (OIDC) into SSH protocols. This integration simplifies SSH access by leveraging OpenPubkey, which embeds public keys into the SSO tokens issued by identity providers (IdPs). The main beneficiaries of this innovation are organizations that struggle with […]

The post Cloudflare Introduces OpenPubkey SSH with Single Sign-On Integration appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

研究人员揭示了马具有非凡耐力的秘密：KEAP1 基因产生的一种突变增强了其能量生成，并同时能保护细胞免受氧化应激的损害。研究人员对 196 种哺乳动物中的 KEAP1 基因（它是氧化还原平衡和线粒体能量产生的关键调节因子）进行了演化分析。KEAP1 被认为是运动科学中的一个重要靶点；它也与多种人类疾病（如肺癌和慢性阻塞性肺病）有关。现代的马、驴和斑马都演化出了一种独特的基因适应机制，后者涉及 KEAP1 基因中的一个早现终止密码子（UGA）。通过系统基因组学、蛋白质组学和代谢组学分析以及活体组织研究，作者发现，这个终止密码子在马中被有效地重新编码为半胱氨酸（C15），从而增强了该基因的功能。这一单点突变减少了对 NRF2（一种减轻氧化应激的蛋白质）的抑制，从而增加了线粒体呼吸和 ATP 的产生能力。虽然过强的 NRF2 活性会对其他哺乳动物有害，但这种适应机制似乎为马提供了一种平衡的解决方案：既能增加线粒体的能量生成，又可控制氧化应激。

HackerNews 编译，转载请注明出处： Mozilla已发布更新，修复了影响其Firefox浏览器的严重安全漏洞。就在几天前，谷歌修复了Chrome中的类似漏洞，该漏洞曾作为零日漏洞在实际攻击中被利用。 这一安全漏洞编号为CVE-2025-2857，被描述为由于错误的句柄管理导致的沙箱逃逸问题。 “在近期Chrome沙箱逃逸漏洞（CVE-2025-2783）曝光后，Firefox的多位开发人员在我们的IPC（进程间通信）代码中发现了类似的模式。”Mozilla在公告中表示。 “受感染的子进程可能导致父进程返回一个意外的高权限句柄，从而实现沙箱逃逸。” 该漏洞影响了Firefox和Firefox ESR，Mozilla已在以下版本中修复了问题：   – Firefox 136.0.4   – Firefox ESR 115.21.1   – Firefox ESR 128.8.1   目前没有证据表明CVE-2025-2857在野外被利用。 与此同时，谷歌也已发布Chrome 134.0.6998.177/.178版，以修复CVE-2025-2783。该漏洞在针对俄罗斯的媒体机构、教育机构和政府组织的攻击中被积极利用。 卡巴斯基在2025年3月中旬检测到这一活动，称受害者是在点击钓鱼邮件中的恶意链接后遭到感染。当受害者使用Chrome打开攻击者控制的网站时，攻击随即发生。 据悉，攻击者将CVE-2025-2783与另一个未知的浏览器漏洞结合使用，成功逃逸沙箱并执行远程代码。不过，修补该漏洞可有效阻断整个攻击链。 美国网络安全和基础设施安全局（CISA）已将此漏洞添加到其“已知被利用的漏洞”（KEV）目录中，并要求联邦机构在2025年4月17日之前采取必要的缓解措施。 建议用户尽快将浏览器更新至最新版本，以防范潜在的安全风险。   消息来源：The Hacker News；  本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文

马斯克（Elon Musk）诸多受争议行为在社交媒体平台 Reddit 引发了社群的集体抗议，逾百个 Subreddit 禁止了来自马斯克旗下平台 X/Twitter 的链接。根据 The Verge 的报道，马斯克通过私下施压 Reddit CEO Steve Huffman 去压制对其及其领导的政府效率部（DOGE）的批评。双方之间交流的信息细节没有披露。