Ransomware Gang Exploits SimpleHelp RMM to Compromise Utility Billing Firm
A CISA advisory urged all software vendors and downstream customers to check if they are impacted by unpatched versions of the SimpleHelp RMM tool
Aggregator
CVE-2025-49112 | Valkey up to 8.1.1 networking.c setDeferredReply integer underflow (Nessus ID 238417)
8 months 1 week ago
A vulnerability was found in Valkey up to 8.1.1. It has been rated as problematic. Affected by this issue is the function setDeferredReply of the file networking.c. The manipulation leads to integer underflow.
This vulnerability is handled as CVE-2025-49112. The attack needs to be done within the local network. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
2025年5月奖励公告
8 months 1 week ago
【2502众测挑战赛】海外电商业务新上线!
8 months 1 week ago
研究认为霸王龙的大型化始于亚洲
8 months 1 week ago
日本北海道大学研究团队在《自然》上发表研究成果,指出体重不到约 500 公斤的中间型的暴龙在以几百万年为单位在亚洲和北美大陆之间迁徙的过程中,朝着体重达到约 1 吨以上的大型化方向进化。此前的观点是认为体型增大仅发生在北美。研究团队报告在蒙古约 9300 万至 8300 万年前地层中发现了中间型暴龙化石,将其新命名为“Khankhuuluu mongoliensis”。他们推测完成大型化的暴龙的祖先起源于亚洲,最晚在约 8600 万年前迁徙至北美,然后最晚在约 7800 万年前迁徙至亚洲,在约 7300 万年至约 6700 万年前再次迁徙至北美。迁徙的理由尚不清楚,团队表示将进一步研究。
ИИ лечит душу, а потом отправляет её в облако — вместе со всеми секретами
8 months 1 week ago
Когда разговор с ботом заканчивается больничной койкой.
Fog Ransomware Uses Pentesting Tools to Steal Data and Launch Attacks
8 months 1 week ago
Fog ransomware incidents in recent years have exposed a dangerous new trend in cybercrime: hackers are using open-source penetration testing tools and genuine staff monitoring software to breach networks, steal confidential data, and initiate ransomware attacks. This unprecedented blend of tactics has targeted major financial institutions, raising alarms among cybersecurity professionals. Unprecedented Toolset in a […]
The post Fog Ransomware Uses Pentesting Tools to Steal Data and Launch Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Kaaviya
两名欧洲记者的手机感染了以色列间谍软件 Paragon
8 months 1 week ago
2025 年 4 月 29 日苹果通知部分 iOS 用户,称他们成为先进间谍软件的攻击目标。加拿大多伦多大学公民实验室对两位欧洲记者 iPhone 手机进行的分析证实,他们遭到了以色列公司 Paragon 的间谍软件 Graphite 的攻击。苹果表示它已经释出了 iOS 18.3.1 缓解了部署间谍软件利用的零点击攻击,该漏洞被分配了编号 CVE-2025-43200。被攻击的两名欧洲记者一人要求匿名,另一人是意大利记者 Ciro Pellegrino。攻击发生在 2025 年 1 月到 2 月初之间,当时 iPhone 运行的是 iOS 18.2.1系统。Pellegrino 的同事、Fanpage.it 网站编辑 Francesco Cancellato 于 2025 年 1 月收到 WhatsApp 通知称遭到 Graphite 间谍软件的攻击。这起攻击可能与意大利政府有关。
Qilin
8 months 1 week ago
You must login to view this content
cohenido
Qilin
8 months 1 week ago
You must login to view this content
cohenido
Qilin
8 months 1 week ago
You must login to view this content
cohenido
Qilin
8 months 1 week ago
You must login to view this content
cohenido
CVE-2025-29902 | Telex Remote Dispatch Console Server code injection (EUVD-2025-18259)
8 months 1 week ago
A vulnerability was found in Telex Remote Dispatch Console Server. It has been classified as very critical. Affected is an unknown function. The manipulation leads to code injection.
This vulnerability is traded as CVE-2025-29902. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-29902 | RTS VLink Virtual Matrix Software code injection (EUVD-2025-18259)
8 months 1 week ago
A vulnerability was found in RTS VLink Virtual Matrix Software. It has been declared as very critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to code injection.
This vulnerability is known as CVE-2025-29902. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Scale AI 亚历山大·王的创业法则:人类计算资源可像计算机一样编排,吴恩达一观点毁掉红杉投资,YC创始人一句话带来商业灵感
8 months 1 week ago
Meta正式宣布投资近150亿美元收购Scale AI 49%股份,同时聘请其创始人亚历山大·王领导全新的"超级智能"实验室。25岁的亚历山大·王是华裔天才创业者,19岁从MIT辍学创立Scale AI,专注为AI模型提供高质量数据标注服务,八年内将公司发展为估值138亿美元的AI独角兽,被誉为"AI模型的数据工厂",为OpenAI、Meta、Google等主要AI公司提供数据服务。在最新访谈中,亚历山大·王分享了创业方法论:强调认知套利能力比技术更重要,专注度是创业公司对抗科技巨头的核心优势,企业销售中感知比现实更重要。他指出当前AI发展面临数据墙困境,合成数据无法完全解决问题,未来需要人类生成数据与计算资源同步指数级增长,这为Scale AI等数据基础设施公司带来巨大机遇。
CVE-2013-5660 | Powersoftware WinArchiver 3.2 Flow memory corruption (ID 121512 / EDB-25131)
8 months 1 week ago
A vulnerability was found in Powersoftware WinArchiver 3.2. It has been rated as very critical. Affected by this issue is some unknown functionality of the component Flow. The manipulation leads to memory corruption.
This vulnerability is handled as CVE-2013-5660. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
使用python生成添加管理员账户的exe
8 months 1 week ago
在渗透测试中,针对Windows服务器获取webshell后一般会考虑新建管理员账号(当然某些情况下可以直接读密码)登录rdp方便渗透,所以考虑自己做个免杀的exe来添加用户。
CVE-2025-2843 | rhobs observability-operator privilege escalation
8 months 1 week ago
A vulnerability was found in rhobs observability-operator and classified as critical. This issue affects some unknown processing. The manipulation leads to privilege escalation.
The identification of this vulnerability is CVE-2025-2843. Access to the local network is required for this attack. There is no exploit available.
vuldb.com
量子+区块链!迄今最“可信”的随机数生成器发布
8 months 1 week ago
《Nature》期刊最新报道
工信部:AI绘图工具ComfyUI多个安全漏洞已被用于实施网络攻击
8 months 1 week ago
ComfyUI工具5个安全漏洞已被用于实施网络攻击。