Aggregator

0x01 培训介绍在SRC漏洞挖掘当中，随着攻击面的缩小，常规姿势与技巧已经无法挖掘出比较满意的漏洞。那么本

0x01 培训介绍在SRC漏洞挖掘当中，随着攻击面的缩小，常规姿势与技巧已经无法挖掘出比较满意的漏洞。那么本

0x01 培训介绍在SRC漏洞挖掘当中，随着攻击面的缩小，常规姿势与技巧已经无法挖掘出比较满意的漏洞。那么本

Name: UNbreakable International 2025 - Individual Phase (an UNbreakable International event.)
Date: March 28, 2025, 9 a.m. — 28 March 2025, 10:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://unr25i-international.cyber-edu.co/
Rating weight: 0
Event organizers: bitsentinel

Digital transformation has revolutionized industries with critical infrastructure — but it has also introduced new vulnerabilities.

Ubuntu 发布团队在邮件列表上宣布释出 Ubuntu 25.04 (Plucky Puffin) Beta，正式版预计 4 月 17 日释出。Ubuntu 25.04 不是 LTS 版本，将只提供 6 个月的更新。Ubuntu 25.04 使用了最新的 Linux 内核 6.14， GNOME 48 桌面环境，Mesa 25.0 开源图形驱动，Python 3.13 等等。

Немецкие журналисты раскрыли контакты разведки США через интернет.

In a complex cyber operation discovered by Silent Push Threat Analysts, Russian hackers have launched a multi-pronged phishing campaign impersonating various organizations, including the CIA, to gather intelligence on individuals sympathetic to Ukraine’s defense efforts. The campaign, believed to be orchestrated by Russian Intelligence Services or aligned actors, utilizes a network of fraudulent websites to […]

The post Russian Hackers Impersonate CIA to Steal Ukrainian Defense Intelligence Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Arteche saTECH BCU 2.1.3. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2025-2863. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Arteche saTECH BCU 2.1.3. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-2864. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Arteche saTECH BCU 2.1.3. It has been classified as problematic. This affects an unknown part of the component Request Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-2865. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Arteche saTECH BCU 2.1.3 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to weak encoding for password. This vulnerability is handled as CVE-2025-2862. The attack can only be done within the local network. There is no exploit available.

A vulnerability has been found in Arteche saTECH BCU 2.1.3 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to information disclosure. This vulnerability is known as CVE-2025-2860. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability, which was classified as critical, was found in Arteche saTECH BCU 2.1.3. Affected is an unknown function. The manipulation leads to improper authentication. This vulnerability is traded as CVE-2025-2859. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Arteche saTECH BCU 2.1.3. This issue affects some unknown processing of the component CLI. The manipulation leads to improper privilege management. The identification of this vulnerability is CVE-2025-2858. Attacking locally is a requirement. There is no exploit available.

A vulnerability classified as problematic was found in Arteche saTECH BCU 2.1.3. This vulnerability affects unknown code of the component HTTP Protocol Handler. The manipulation leads to cleartext transmission of sensitive information. This vulnerability was named CVE-2025-2861. The attack can be initiated remotely. There is no exploit available.

Elastic Security Labs has uncovered a sophisticated malware campaign, dubbed REF8685, targeting the Iraqi telecommunications sector. The campaign utilizes a novel malware family called SHELBY, which abuses GitHub for command-and-control (C2) operations, data exfiltration, and command retrieval. Novel Malware Family Targets Iraqi Telecommunications Sector The SHELBY malware family consists of two main components: SHELBYLOADER and […]

The post SHELBY Malware Steals Data by Abusing GitHub as Command-and-Control Server appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability classified as problematic has been found in IBM PowerVM Hypervisor up to FW1050.30/FW1060.20. This affects an unknown part of the component Linux Processor Combability Mode. The manipulation leads to highly compressed data. This vulnerability is uniquely identified as CVE-2025-0986. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

Как Shadow IT стало незаметной нормой — и что с этим делать.