Aggregator

英格兰约克郡的一只母羊感染了 H5N1 禽流感，此前同一地点的笼中鸟被发现 H5N1 阳性。母羊的奶水中发现了病毒，血液中也检测到了 H5 的抗体，它也出现了感染症状乳腺炎。绵羊感染 H5N1 与美国奶牛感染的情况基本相同。从去年 3 月至今美国 17 个州至少有 989 头奶牛感染了禽流感，病毒也传播给了至少 70 人，大部分是奶牛场工人，他们的症状相对较轻，但有 1 人死于感染。英国政府表示为减轻传播风险感染的母羊已经被人道宰杀，情况已经得到控制。除了牛羊，从猫和熊到浣熊和海豹等动物也都检测到感染禽流感，目前尚未记录到人与人之间的传播。但专家担心，随着病毒外溢和接触人类的次数增多，病毒将获得更多的适应机会，增加对人类的传染性。

Nederlandse F-35-gevechtsvliegtuigen hebben twee Russische vliegtuigen boven de Oostzee onderschept. De toestellen naderden het NAVO-verdragsgebied. Een overzicht van Defensieoperaties in de week van 19 tot en met 25 maart 2025.

Google is in the process of rolling out Chrome v134.0.6998.178 to Windows users to fix CVE-2025-2783, a zero-day vulnerability that allowed attackers to to bypass Chrome sandbox protections. The vulnerability was flagged by Kaspersky researchers, who discovered it being exploited by a suspected state-sponsored APT group to target media outlets and educational institutions in Russia. About CVE-2025-2783 Google explains the source of the flaw thus: “Incorrect handle provided in unspecified circumstances in Mojo on Windows.” … More →

The post Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) appeared first on Help Net Security.

Researchers at QiAnXin XLab have uncovered a sophisticated Linux-based backdoor dubbed OrpaCrab, specifically targeting industrial systems associated with ORPAK, a company involved in gas stations and oil transportation. The malware, which was uploaded to VirusTotal in January 2024 from the U.S., employs advanced techniques to evade detection and maintain persistence on compromised systems. Exploitation of […]

The post New Sophisticated Linux Backdoor Targets OT Systems via 0-Day RCE Exploit appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability has been found in KakaoTalk 10.4.3 and classified as problematic. This vulnerability affects unknown code of the component HTTP Request Header Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2023-51219. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Brainstorm Force Spectra Plugin up to 2.3.0 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. This vulnerability is handled as CVE-2023-23735. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Slider Revolution Plugin up to 6.7.11 on WordPress. This affects an unknown part. The manipulation of the argument Add Layer class/id/title leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-4581. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Slider Revolution Plugin up to 6.7.10 on WordPress. Affected by this issue is some unknown functionality of the component Elementor. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-4637. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Simple Ajax Chat Plugin 20240223 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Setting Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-2470. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in FS Product Inquiry Plugin up to 1.1.1 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-4856. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in FS Product Inquiry Plugin up to 1.1.1 on WordPress. This vulnerability affects unknown code of the component Form Submission Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-4857. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Events Calendar Plugin up to 6.4.0.0 on WordPress. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-4180. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

近日，绿盟科技CERT监测到Next.js发布安全公告，修复了Next.js中间件权限绕过漏洞（CVE-2025-29927）。目前漏洞细节与PoC已公开，请相关用户尽快采取措施进行防护。

近日，绿盟科技CERT监测到Next.js发布安全公告，修复了Next.js中间件权限绕过漏洞（CVE-2025-29927）。目前漏洞细节与PoC已公开，请相关用户尽快采取措施进行防护。

近日，绿盟科技CERT监测到Next.js发布安全公告，修复了Next.js中间件权限绕过漏洞（CVE-2025-29927）。目前漏洞细节与PoC已公开，请相关用户尽快采取措施进行防护。

近日，绿盟科技CERT监测到Next.js发布安全公告，修复了Next.js中间件权限绕过漏洞（CVE-2025-29927）。目前漏洞细节与PoC已公开，请相关用户尽快采取措施进行防护。

近日，绿盟科技CERT监测到Next.js发布安全公告，修复了Next.js中间件权限绕过漏洞（CVE-2025-29927）。目前漏洞细节与PoC已公开，请相关用户尽快采取措施进行防护。

191 пострадавший и 2,7 млн рублей: новая схема онлайн-мошенников.