Aggregator

图：《劳动新闻》印刷版第 2 页和第 3 页 | 图片：《劳动新闻》（2026 年 2 月 3 日）朝鲜主要报

A vulnerability categorized as problematic has been discovered in Yokogawa Electric FAST TOOLS up to R10.04. Impacted is an unknown function. Such manipulation leads to security check for standard. This vulnerability is traded as CVE-2025-66607. The attack may be launched remotely. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in Yokogawa Electric FAST TOOLS up to R10.04. It has been rated as problematic. This issue affects some unknown processing. This manipulation causes risky cryptographic algorithm. This vulnerability appears as CVE-2025-66597. The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is advised.

A vulnerability was found in Yokogawa Electric FAST TOOLS up to R10.04. It has been declared as problematic. This vulnerability affects unknown code of the component Requests Handler. The manipulation results in path traversal: '\..\filename'. This vulnerability is reported as CVE-2025-66608. The attack can be launched remotely. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability was found in Yokogawa Electric FAST TOOLS up to R10.04. It has been classified as problematic. This affects an unknown part. The manipulation leads to improper neutralization of invalid characters in identifiers in web pages. This vulnerability is documented as CVE-2025-66606. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability was found in Yokogawa Electric FAST TOOLS up to R10.04 and classified as problematic. Affected by this issue is some unknown functionality. Executing a manipulation can lead to exposure of private personal information to an unauthorized actor. This vulnerability is registered as CVE-2025-66605. It is possible to launch the attack remotely. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability has been found in Yokogawa Electric FAST TOOLS up to R10.04 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component OPTIONS Method Handler. Performing a manipulation results in security check for standard. This vulnerability is cataloged as CVE-2025-66603. It is possible to initiate the attack remotely. There is no exploit available. The affected component should be upgraded.

A vulnerability, which was classified as problematic, was found in Yokogawa Electric FAST TOOLS up to R10.04. Affected is an unknown function. Such manipulation leads to reliance on ip address for authentication. This vulnerability is listed as CVE-2025-66602. The attack may be performed from remote. There is no available exploit. You should upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Yokogawa Electric FAST TOOLS up to R10.04. This impacts an unknown function. This manipulation causes security check for standard. This vulnerability is tracked as CVE-2025-66601. The attack is possible to be carried out remotely. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability classified as problematic was found in Yokogawa Electric FAST TOOLS up to R10.04. This affects an unknown function of the component Detailed Message Handler. The manipulation results in information exposure through error message. This vulnerability is identified as CVE-2025-66594. The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability classified as problematic has been found in Yokogawa Electric FAST TOOLS up to R10.04. The impacted element is an unknown function. The manipulation leads to cleartext transmission of sensitive information. This vulnerability is referenced as CVE-2025-66604. Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability described as problematic has been identified in Yokogawa Electric FAST TOOLS up to R10.04. The affected element is an unknown function of the component Configuration Handler. Executing a manipulation can lead to security check for standard. The identification of this vulnerability is CVE-2025-66600. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is recommended.

Директива 26-02 запрещает госорганам использовать технику с истекшим сроком жизни.

Aviation runs on complex digital systems built for stability, safety, and long lifecycles. That reality creates a unique cybersecurity challenge for airlines, where disruption can quickly become an operational and public trust crisis. In this Help Net Security interview, Deneen DeFiore, VP and CISO at United Airlines, explains how the company approaches modernization without compromising safety-critical environments, why resilience and continuity matter as much as prevention, and how the airline manages risk across an interconnected … More →

The post United Airlines CISO on building resilience when disruption is inevitable appeared first on Help Net Security.

开源音频工作站 Ardour 释出了 9.0 版本。这是一次重大更新，带来了用户长期期待的新功能。主要变化包括： Region FX、剪辑录制、触控式 GUI、钢琴卷帘窗口、剪辑编辑等等，此外还修复了数十个 bug，新的 MIDI 绑定映射，改进了大多数 macOS 用户的 GUI 性能。开发者表示期待用户的反馈。

Современные модели рисуют древних людей хуже, чем расисты 1860-х — и этим все сказано.

经国家计算机病毒应急处理中心检测，72款移动应用存在违法违规收集使用个人信息情况。

研究团队高度确信，遭受Tsundere Bot感染的主机极有可能成为后续勒索软件攻击的目标。

Allama is an open-source security automation platform that lets teams build visual workflows for threat detection and response. It includes integrations with 80+ types of tools and services typical in security operations, including SIEM systems, endpoint detection and response products, identity providers, and ticketing systems. The project supports alerts from many sources. Once alerts enter the platform, it uses a workflow engine and AI agents to enrich, triage, and act on the data. The integrations … More →

The post Allama: Open-source AI security automation appeared first on Help Net Security.