Aggregator

A vulnerability, which was classified as critical, was found in My123tkshop E-commerce-suite 0.9.1. Affected is an unknown function of the file shop/admin.php. The manipulation of the argument admin leads to sql injection. This vulnerability is traded as CVE-2007-6458. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in BookReview. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file search.htm. The manipulation leads to information disclosure (Path). This vulnerability is known as CVE-2005-1782. It is possible to launch the attack on the local host. Furthermore, there is an exploit available.

Attackers are leveraging the benefits of new technology and the availability of commodity tools, credentials, and other resources to develop sophisticated attacks more quickly than ever, putting defenders on their heels.

Форум был разрушен в апреле — и всё равно вернулся онлайн.

Members of the World Uyghur Congress living in exile were targeted with a spear phishing campaign deploying surveillance malware, according to the Citizen Lab

CTF

A vulnerability has been found in Google Chrome and classified as critical. This vulnerability affects unknown code of the component GPU. The manipulation leads to heap-based buffer overflow. This vulnerability was named CVE-2022-4135. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in perfSONAR up to 4.4.5. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Search. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2022-41413. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Nextcloud Server and classified as problematic. Affected by this vulnerability is an unknown functionality of the component User Display Name Handler. The manipulation leads to resource consumption. This vulnerability is known as CVE-2022-39346. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Microsoft Edge. It has been declared as critical. This vulnerability affects unknown code of the component GPU. The manipulation leads to heap-based buffer overflow. This vulnerability was named CVE-2022-4135. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

Internet services giant Cloudflare says it mitigated a record number of DDoS attacks in 2024, recording a massive 358% year-over-year jump and a 198% quarter-over-quarter increase. [...]

人到中年，腰围往往会变粗，会堆积脂肪。美国希望之城国家医疗中心和加州大学洛杉矶分校等机构的临床前研究发现了与年龄相关的腹部脂肪增加背后的细胞元凶，为人到中年为何腰腹变粗提供了新见解，为未来预防腹部松弛和延长健康寿命的疗法提供了新靶点。小鼠研究发现，在年轻小鼠中，脂肪细胞祖细胞（APC）几乎不活跃，但在中年小鼠中，APC 被“唤醒”并开始产生新的脂肪细胞。大多数成体干细胞的生长能力会随着年龄增长而减弱，但 APC 恰恰相反——衰老解锁了这些细胞的进化和扩散能力。

Security teams are under more pressure than ever — and cybersecurity debt is adding fuel to the fire. While it can't be eliminated overnight, it can be managed.

Исследователи обнаружили фатальный изъян в архитектуре доверия мобильных устройств.