Aggregator

Meta is replacing its fact-checking program with a “community notes” system, citing a shift in moderation strategy after a “cultural tipping point.” Meta CEO Mark Zuckerberg announced that the fact-checking program should be ended and replaced with a community-driven system. Zuckerberg cited a shift toward free speech and explained that the new model will be […]

Meta replaces fact-checking with community notes post ‘Cultural Tipping Point’

A vulnerability was found in Property Hive Plugin up to 2.1.0 on WordPress. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-12585. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Auto iFrame Plugin up to 1.x on WordPress. It has been declared as problematic. This vulnerability affects unknown code of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-10151. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in VMware Aria Automation up to 8.18.1. It has been classified as critical. This affects an unknown part of the component Organization Member Handler. The manipulation leads to server-side request forgery. This vulnerability is uniquely identified as CVE-2025-22215. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

● 点击↑蓝字关注我们，获取更多安全风险通告漏洞概述漏洞名称SonicOS SSLVPN 认证绕过漏洞漏洞编号QVD-2025-1811,CVE-2024-53704公开时间2025-01-08影响量

致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。

“As a Red Teamer, I’ve always believed the best defe

A vulnerability was found in Apache OpenMeetings up to 7.x and classified as problematic. Affected by this issue is some unknown functionality of the component Cluster Mode. The manipulation leads to deserialization. This vulnerability is handled as CVE-2024-54676. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

Stalwart is an innovative open-source mail server solution that supports JMAP, IMAP4, POP3, and SMTP, offering a comprehensive suite of features designed for security, performance, and scalability. Built with Rust, Stalwart stands out for its modern architecture that emphasizes safety and speed, making it an ideal choice for both individual users and enterprises. Features 1. […]

The post Stalwart – All-in-One Open-Source Secure Mail Server with JMAP, IMAP4, POP3, and SMTP appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

•  SMB3内核服务器（ksmbd）漏洞研究：深入探索Linux内部与网络通信安全ksmbd vulnerability research本文深入研究了Linux内核中的SMB3组件（ksmbd）的

As we wrap up 2024, let’s take a moment to reflect on what an incredible year it’s been for ANY.RUN. Together, we’ve achieved so much: breaking barriers, improving tools, and working side by side with you, our amazing community of cybersecurity heroes.  From big product launches to small tweaks that make a huge difference, everything […]

The post 2024 Wrapped: A Year of Growth, Innovation, and Community at ANY.RUN  appeared first on ANY.RUN's Cybersecurity Blog.

A browser extension named PRIVESHIELD automatically creates isolated profiles to group websites based on browsing history and user interaction, which disrupts cross-website tracking practices by preventing cookie-matching methods used for targeted advertising.  The evaluation results show that PRIVESHIELD is more than 90% effective in preventing ad exchanges from sharing user information. In Real-time Bidding (RTB), […]

The post PriveShield – Advanced Privacy Protection with Browser Profile Isolation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent investigation revealed that the Akira and Fog ransomware groups are actively exploiting the SonicWall NSA vulnerability (CVE-2024-40766) to compromise organizations.  As of December 23, 2024, over 100 companies are suspected to have been victimized by these groups through this vulnerability. Despite the disclosure in September 2024, a significant number of devices, exceeding 48,933, […]

The post 1000’s Of SonicWall Devices Remain Vulnerable To CVE-2024-40766 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.