Aggregator

为规范促销经营行为，维护“6·18”期间网络交易秩序，保护消费者合法权益，近日，市场监管总局向综合电商、直播电商、跨境电商等平台企业发布“6·18”网络集中促销合规提示。

意见反馈截止日期为2025年7月6日前。

《中国网络法治发展报告（2024年）》全文发布

作为专精特新示范企业、原创技术策源地和云计算创新联合体，天翼云科技有限公司在实现自身高质量发展的同时，积极探索构建科学合理的网络安全人才评价体系，为网络安全人才评价体系的创新与发展提供更多理论实践依据，助力我国网络安全人才队伍的高质量发展。

Cisco Talos discovers PathWiper, a destructive new malware targeting critical infrastructure in Ukraine, highlighting ongoing cyber threats amidst the Russia-Ukraine conflict.

Айтишники массово проваливают скам-тест с зарплатой «5000₽ в час».

Им запретили покупать чипы — они изобрели новые, не похожие ни на что.

A vulnerability has been found in Encaps EncapsGallery 1.11.2 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file watermark.php. The manipulation of the argument File leads to cross site scripting. This vulnerability is known as CVE-2008-1296. The attack can be launched remotely. Furthermore, there is an exploit available.

遗憾的是，由于依赖包的存在，无法取消发布受陷版本。

旨在增强美国的网络安全，重在修复拜登和奥巴马行政令中的“问题元素”。

On June 6, 2025, the Jenkins Project issued a security advisory (SECURITY-3588 / CVE-2025-5806) affecting the Gatling Plugin, a widely used tool for displaying performance test reports within the Jenkins automation server. The vulnerability carries a high severity rating, with CVSS base scores ranging from 8.0 to 9.0 across different versions, indicating a significant risk […]

The post Jenkins Gatling Plugin Flaw Allows CSP Bypass, Exposing Systems to Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability, which was classified as critical, was found in RT-Thread 5.1.0. Affected is the function sys_recvfrom of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument from leads to memory corruption. This vulnerability is traded as CVE-2025-5869. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability has been found in Shinetheme Traveler Plugin up to 3.1.8 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to deserialization. This vulnerability was named CVE-2025-26873. The attack can be initiated remotely. There is no exploit available.

A vulnerability has been found in TRENDnet TV-IP121W 1.1.1 Build 36 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/setup.cgi of the component Web Interface. The manipulation leads to improper authentication. This vulnerability is known as CVE-2025-5870. The attack can be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

本次披露样本与之前披露样本属于同类型样本，但是样本与之前有所差异，是未被披露过的相关样本。该类型样本结构相对复杂，载荷更新也较快，需要引起足够的重视

Так ждёт ли нас столкновение с огромной галактикой в будущем? Или пронесло?

A vulnerability was found in Watchguard Server Center 11.7.4. It has been classified as critical. This affects an unknown part in the library wgpr.dll of the file wlcollector.exe of the component Path Handler. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2013-5701. The attack needs to be approached locally. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

It seems not a day goes by without news of another crypto scam targeting unsuspecting holders. Those owning…

Сбой в 0.0001% айфонов раскрыл масштабную кибератаку.

漏洞分析、脚本生成… 大语言模型如何助力网络安全？这门课告诉你答案！