【安全圈】面对DNS盗版屏蔽令 Google、Cloudflare 和 OpenDNS 的应对各有不同
关键词DNS在欧洲,针对 OpenDNS、Google 和 Cloudflare 等 DNS 解析器发出的盗版
Aggregator
【安全圈】谷歌将因其位置追踪行为向德克萨斯州支付 14 亿美元
7 months ago
关键词Google谷歌将向德克萨斯州支付近14亿美元,以和解两起诉讼,这些诉讼涉及谷歌追踪用户位置并未经同意存
【安全圈】黑客利用微软 SharePoint 版 Copilot AI 漏洞窃取密码及敏感数据
7 months ago
关键词人工智能微软SharePoint版本的Copilot AI近期被发现存在严重安全漏洞,让攻击者能够非法获
The Persistence Problem: Why Exposed Credentials Remain Unfixed—and How to Change That
7 months ago
Detecting leaked credentials is only half the battle. The real challenge—and often the neglected half of the equation—is what happens after detection. New research from GitGuardian's State of Secrets Sprawl 2025 report reveals a disturbing trend: the vast majority of exposed company secrets discovered in public repositories remain valid for years after detection, creating an expanding attack
The Hacker News
SoundCloud втихую изменил правила и сдал твою музыку на корм нейросетям — ты подписывался на это?
7 months ago
Артисты невольно стали учителями для хитрого ИИ-композитора.
印巴网络战演进:从混合战争到AI时代的攻防博弈
7 months ago
网络战已成为印巴双方博弈的核心战场
360助力“奥运冠军之城”七台河 培育新质人才
7 months ago
360“人才生态下沉”战略落地黑龙江,开启数字安全人才培养新篇章
印巴网络战演进:从混合战争到AI时代的攻防博弈
7 months ago
网络战已成为印巴双方博弈的核心战场
360助力“奥运冠军之城”七台河 培育新质人才
7 months ago
360“人才生态下沉”战略落地黑龙江,开启数字安全人才培养新篇章
Сначала это казалось безумием: висмут вместо кремния, новый диэлектрик и никакого сопротивления — а потом всё заработало
7 months ago
Пока мир гонится за 2нм, Китай строит процессоры на новых принципах.
Firewall Rule Bloat: The Problem and How AI can Solve it
7 months ago
Long lists of firewall rules can lead to misaligned and inconsistent policies, creating gaps in your security perimeter for threat actors to exploit.
The post Firewall Rule Bloat: The Problem and How AI can Solve it appeared first on Security Boulevard.
Sangita Patel
CVE-2024-1071
7 months ago
Currently trending CVE - Hype Score: 18 - The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to SQL Injection via the 'sorting' parameter in versions 2.1.3 to 2.8.2 due to insufficient escaping on the user supplied ...
CVE-2025-46193
7 months ago
Currently trending CVE - Hype Score: 1 - SourceCodester Client Database Management System 1.0 is vulnerable to Remote code execution via Arbitrary file upload in user_proposal_update_order.php.
CVE-2025-46188
7 months ago
Currently trending CVE - Hype Score: 1 - SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in superadmin_phpmyadmin.php.
CVE-2025-46189
7 months ago
Currently trending CVE - Hype Score: 1 - SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_order_customer_update.php via the order_id POST parameter.
CVE-2025-46190
7 months ago
Currently trending CVE - Hype Score: 1 - SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_delivery_update.php via the order_id POST parameter.
CVE-2025-46191
7 months ago
Currently trending CVE - Hype Score: 1 - Arbitrary File Upload in user_payment_update.php in SourceCodester Client Database Management System 1.0 allows unauthenticated users to upload arbitrary files via the uploaded_file_cancelled field. Due to the absence of proper file extension checks, MIME type validation, and ...
CVE-2025-46192
7 months ago
Currently trending CVE - Hype Score: 1 - SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_payment_update.php via the order_id POST parameter.
CVE-2025-2563
7 months ago
Currently trending CVE - Hype Score: 23 - The User Registration & Membership WordPress plugin before 4.1.2 does not prevent users to set their account role when the Membership Addon is enabled, leading to a privilege escalation issue and allowing unauthenticated users to gain admin privileges
谷歌发布《2024年零日漏洞利用分析》:安全产品风险激增
7 months ago
2024年44%零日漏洞攻击企业端,安全网络类产品风险同比提升9%。