Aggregator

A vulnerability was found in Mozilla Thunderbird up to 91.13.0. It has been declared as problematic. This vulnerability affects unknown code of the component HTML Email Handler. The manipulation leads to information disclosure. This vulnerability was named CVE-2022-3034. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in vim. Affected is an unknown function. The manipulation leads to use after free. This vulnerability is traded as CVE-2022-3352. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Firefox up to 98 and classified as critical. Affected by this vulnerability is an unknown functionality of the component NSSToken Object Handler. The manipulation leads to use after free. This vulnerability is known as CVE-2022-1097. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 98 and classified as critical. Affected by this issue is some unknown functionality of the component WebAuthN Extension Handler. The manipulation leads to out-of-bounds write. This vulnerability is handled as CVE-2022-28281. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 98. It has been classified as problematic. This affects an unknown part of the component rel Handler. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2022-28282. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Это не просто статистика — это риск для каждого второго пользователя.

From the near-demise of MITRE's CVE program to a report showing that AI outperforms elite red teamers in spearphishing, April 2025 was another whirlwind month in cybersecurity

Гибридные облака создают новые уязвимости, к которым бизнес оказался не готов.

A previously undocumented remote access trojan (RAT) named ResolverRAT has surfaced, specifically targeting healthcare and pharmaceutical organizations worldwide. First observed as recently as March 10, 2025, this malware distinguishes itself from related threats like Rhadamanthys and Lumma through its sophisticated in-memory execution and multi-layered evasion techniques. Morphisec, a leading cybersecurity firm, has detailed the malware’s […]

The post ResolverRAT Targets Healthcare and Pharmaceutical Sectors Through Sophisticated Phishing Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability classified as problematic has been found in Mozilla Firefox up to 98. Affected is the function MLoadTypedArrayElementHole of the component JIT Code Handler. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2022-28285. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 91.7. It has been classified as critical. Affected is an unknown function of the component NSSToken Object Handler. The manipulation leads to use after free. This vulnerability is traded as CVE-2022-1097. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Mozilla Firefox up to 98. This affects an unknown part of the component Rust Regex Crate. The manipulation leads to incorrect regular expression. This vulnerability is uniquely identified as CVE-2022-24713. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Mozilla Firefox up to 98. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper access controls. This vulnerability is known as CVE-2022-28286. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Firefox up to 98 and classified as critical. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2022-28289. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 91.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component WebAuthN Extension Handler. The manipulation leads to out-of-bounds write. This vulnerability is known as CVE-2022-28281. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Dvuln researchers highlighted the growing impact of infostealers on the cybercrime landscape, enabling attackers to bypass traditional defenses

The “cyber incident” that British multinational retailer Marks & Spencer has been struggling with for over a week is a ransomware attack, multiple sources have asserted. The Telegraph’s sources say ransomware was deployed by a unnamed criminal gang. Bleeping Computer’s says the attackers were members of the Scattered Spider hacking group, and that M&S’s virtual machines on VMware ESXi hosts have been encrypted with the DragonForce encryptor. The effects of the attack The company publicly … More →

The post Marks & Spencer cyber incident linked to ransomware group appeared first on Help Net Security.

Europol has announced the launch of a powerful new Operational Taskforce (OTF), codenamed GRIMM, to confront the alarming rise of “violence-as-a-service” (VaaS) and the growing recruitment of young people by organised crime groups across Europe. Spearheaded by Sweden and joined by law enforcement from Belgium, Denmark, Finland, France, Germany, the Netherlands, and Norway, this multinational effort […]

The post Europol Launches Taskforce to Combat Violence-as-a-Service Networks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

本文从 MCP 项目方的视角出发，帮助项目方对 MCP 钱包应用进行安全审计。

本文从 MCP 项目方的视角出发，帮助项目方对 MCP 钱包应用进行安全审计。