Aggregator

A vulnerability was found in Patterninsight Pattern Insight 2.3 and classified as problematic. Affected by this issue is some unknown functionality of the component Error Message Handler. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2012-4950. The attack may be launched remotely. There is no exploit available.

DroidBot: Insights from a new Turkish MaaS fraud operation

Microsoft has observed Secret Blizzard compromising the infrastructure and backdoors of the Pakistan-based threat actor we track as Storm-0156 for espionage against the Afghanistan government and Indian Army targets.

The post Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage appeared first on Microsoft Security Blog.

The notorious Russian cyber-espionage group Turla is hacking other hackers, hijacking the Pakistani threat actor Storm-0156's infrastructure to launch their own covert attacks on already compromised networks. [...]

The notorious Russian cyber-espionage group Turla is hacking other hackers, hijacking the Pakistani threat actor Storm-0156's infrastructure to launch their own covert attacks on already compromised networks. [...]

莫道桑榆晚，为霞尚满天：「在职社会人」备考应试指南

MarkEdit – 只有 2.36 MB 的开源 Markdown 编辑器，为 macOS 预览增加预览 .md 格式

A vulnerability classified as critical was found in Linux Kernel up to 5.10.202/5.15.140/6.1.64/6.6.3 on Redis. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2023-52775. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.32/6.9.3. It has been declared as critical. This vulnerability affects the function __blkcg_rstat_flush of the component blk-cgroup. The manipulation leads to memory corruption. This vulnerability was named CVE-2024-38384. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

Akile探针服务器监控面板

langchain + ollama 实现本地文档搜索 - 朝阳1 - 博客园

A vulnerability was found in 1000 Projects Library Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /brains/stu.php. The manipulation of the argument useri leads to sql injection. This vulnerability is known as CVE-2024-12188. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in 1000 Projects Library Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /showbook.php. The manipulation of the argument q leads to sql injection. This vulnerability is traded as CVE-2024-12187. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

基于 AnythingLLM 及 Ollama 构建本地知识库 - knqiufan - 博客园

我写了个总结微信消息的 MCP Server - V2EX

求助！手握 8 台 8 卡 4090 机器，想利用起来，有什么可以搞的项目？ [采纳 2 个，请喝咖啡（19.99r）] - V2EX

Submit #455061 / VDB-286909

Submit #455058 / VDB-286908

因博通对VMware产品涨价10倍 英国某服务器提供商转向开源方案

“危“”机“并存，五位网络安全大咖预警2025年安全态势