Aggregator

检测业务是否受到此漏洞影响，请联系长亭应急服务团队！

A view of the H2 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

PS: 文字版内容请等待本周五即将发布的文章

美国政府探索“先发制人式”打击外国黑客能力的创新方式

全环节全周期防护

Check Point has detected thousands of phishing emails in the past fortnight, offering fake promotions and special deals

Hackers tied to ShinyHunters extort PornHub after stealing search and viewing history of Premium users in a Mixpanel data breach. PornHub faces extortion after hackers linked to ShinyHunters allegedly stole search and viewing history of Premium users via a Mixpanel data breach. Mixpanel is a product analytics platform that companies use to understand how people interact […]

Отчёты о найденных в даркнете данных уйдут в прошлое — Google назвал даты.

If you’ve ever looked at a SOC queue and thought, “Where do we even start?” you’re not alone.  Most teams face more alerts than they can realistically investigate, tools that don’t always connect, and investigations that take longer than they should.  In a recent webinar, we shared a simple framework for speeding up detection and response without overloading teams. You can watch the full […]

The post SOC Leader’s Playbook: 3 Practical Steps to Faster MTTR  appeared first on ANY.RUN's Cybersecurity Blog.

3月，我们杭州见～

再次回看传统Web内存马时的理解与思考

Some tips on good diagram drafting and pitfalls to avoid when trying to understand a system in order to secure it.

A vulnerability labeled as problematic has been found in Yoav Farhi RTL Tester Plugin up to 1.2 on WordPress. This affects an unknown function. The manipulation results in cross-site request forgery. This vulnerability is identified as CVE-2025-64239. The attack can be executed remotely. There is not any exploit available.

A vulnerability identified as problematic has been detected in Astoundify Listify Plugin up to 3.2.5 on WordPress. The impacted element is an unknown function. The manipulation leads to cross-site request forgery. This vulnerability is referenced as CVE-2025-59009. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability categorized as problematic has been discovered in Freshchat Plugin up to 2.3.4 on WordPress. The affected element is an unknown function. Executing manipulation can lead to cross-site request forgery. The identification of this vulnerability is CVE-2025-64240. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Meks Quick Plugin Disabler up to 1.0 on WordPress. It has been rated as problematic. Impacted is an unknown function. Performing manipulation results in cross-site request forgery. This vulnerability was named CVE-2025-68083. The attack may be initiated remotely. There is no available exploit.

A vulnerability was found in LMPixels Kerge Plugin up to 4.1.3 on WordPress. It has been declared as critical. This issue affects some unknown processing. Such manipulation leads to server-side request forgery. This vulnerability is uniquely identified as CVE-2025-67989. The attack can be launched remotely. No exploit exists.

A vulnerability was found in Barn2 Plugins Document Library Lite Plugin up to 1.1.7 on WordPress. It has been classified as problematic. This vulnerability affects unknown code. This manipulation causes cross site scripting. This vulnerability is handled as CVE-2025-67986. The attack can be initiated remotely. There is not any exploit available.