Aggregator

近日，Vite 官方披露了一个中高风险安全漏洞，分配编号为CVE-2025-30208，攻击者可利用该漏洞绕过

大模型赋能的漏洞自动化分析全解析。

大模型赋能的漏洞自动化分析全解析。

大模型赋能的漏洞自动化分析全解析。

近日，Vite 官方披露了一个中高风险安全漏洞，分配编号为CVE-2025-30208，攻击者可利用该漏洞绕过

混合的网络环境、人工智能驱动的网络攻击，将大幅提升网络安全的重要性。

混合的网络环境、人工智能驱动的网络攻击，将大幅提升网络安全的重要性。

混合的网络环境、人工智能驱动的网络攻击，将大幅提升网络安全的重要性。

混合的网络环境、人工智能驱动的网络攻击，将大幅提升网络安全的重要性。

混合的网络环境、人工智能驱动的网络攻击，将大幅提升网络安全的重要性。

混合的网络环境、人工智能驱动的网络攻击，将大幅提升网络安全的重要性。

混合的网络环境、人工智能驱动的网络攻击，将大幅提升网络安全的重要性。

Security researchers have uncovered a new attack campaign by the North Korean state-sponsored APT group Kimsuky, also known as “Black Banshee.” The group, active since at least 2012, has been observed employing advanced tactics and malicious scripts in their latest cyber espionage efforts targeting countries such as South Korea, Japan, and the United States. The […]

The post North Korean Kimsuky Hackers Deploy New Tactics and Malicious Scripts in Recent Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability has been found in Event Post Plugin up to 5.9.9 on WordPress and classified as problematic. This vulnerability affects the function events_list of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-2167. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in vcita CRM and Lead Management Plugin up to 2.7.4 on WordPress and classified as problematic. This issue affects the function vCitaMeetingScheduler/vCitaSchedulingCalendar of the component Shortcode Handler. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-13702. The attack may be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Active Products Tables for WooCommerce Plugin up to 1.0.6.7 on WordPress. This affects the function get_smth. The manipulation leads to improper authentication. This vulnerability is uniquely identified as CVE-2025-1514. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability has been found in Total Upkeep Plugin up to 1.16.10 on WordPress and classified as critical. This vulnerability affects the function proc_open of the component Setting Handler. The manipulation of the argument compression_level leads to command injection. This vulnerability was named CVE-2025-2257. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Xenioushk BWL Advanced FAQ Manager Plugin up to 2.1.4 on WordPress. It has been rated as critical. Affected by this issue is the function baf_set_notice_status. The manipulation leads to missing authorization. This vulnerability is handled as CVE-2024-13801. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in contrid Newsletters Plugin up to 4.9.9.7 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-2009. The attack can be initiated remotely. There is no exploit available.

一图读懂《工业互联网安全分类分级管理办法》