Aggregator

Lingokids是一款专为2至8岁儿童设计的教育类应用，通过互动游戏、动画视频等形式提供英语、STEM、艺术等多学科学习内容。其Playlearning理念强调在游戏中学习，注重儿童自主探索和全面发展。应用内容丰富且动态适配孩子成长需求，并融入情绪认知和社交技能培养。

NVIDIA警告用户启用系统级ECC以防范针对GDDR6 GPU的Rowhammer攻击。研究人员展示了该攻击对A6000 GPU的影响，并开发了GPUHammer工具。Rowhammer通过内存行访问引发数据位翻转，导致数据损坏或服务中断。ECC可纠正单比特错误，保障数据可靠性。部分新GPU已内置保护功能。

Одна планета, три реактора, четыре топлива — и только один шанс выйти на орбиту.

作者重新启动旧项目，整理渗透测试和红队相关的技术资料，并创建了rootstash仓库来有条理地管理这些内容。为了避免拖延，他选择逐步更新并发布案例研究。最近的例子是优化处理ShapHound输出的Python脚本，并将其公开。

The ransomware landscape witnessed a dramatic shift in June 2025 as the Qilin ransomware group surged to become the most active threat actor, recording 81 victims and representing a staggering 47.3% increase in activity compared to previous months. This Ransomware-as-a-Service operation, which has accumulated over 310 victims since its emergence, has distinguished itself through sophisticated […]

The post Qilin Emerged as The Most Active Group, Exploiting Unpatched Fortinet Vulnerabilities appeared first on Cyber Security News.

A vulnerability was found in TOTOLINK T6 4.1.5cu.748_B20211015. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument command leads to command injection. This vulnerability was named CVE-2025-7525. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in TOTOLINK T6 4.1.5cu.748_B20211015. It has been classified as critical. This affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. This vulnerability is uniquely identified as CVE-2025-7524. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Jinher OA 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /c6/Jhsoft.Web.message/ToolBar/DelTemp.aspx. The manipulation leads to xml external entity reference. This vulnerability is handled as CVE-2025-7523. The attack may be launched remotely. Furthermore, there is an exploit available.

Submit #612936 / VDB-316222

Submit #612935 / VDB-316221

本次微访谈将于7月14日（周一）晚上8点在“智能化软件工程学术沙龙”微信群举行，敬请关注！

当前环境异常，需完成验证后继续访问。

A vulnerability has been found in PHPGurukul Vehicle Parking Management System 1.13 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. This vulnerability is known as CVE-2025-7522. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in PHPGurukul Vehicle Parking Management System 1.13. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. This vulnerability is traded as CVE-2025-7521. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in PHPGurukul Vehicle Parking Management System 1.13. This issue affects some unknown processing of the file /admin/manage-category.php. The manipulation of the argument del leads to sql injection. The identification of this vulnerability is CVE-2025-7520. The attack may be initiated remotely. Furthermore, there is an exploit available.

Submit #611183 / VDB-316220

A vulnerability classified as critical was found in G Data Total Security 25.4.0.3/25.5.13.26. This vulnerability affects unknown code of the component GDTunerSvc. The manipulation leads to link following. This vulnerability was named CVE-2025-2790. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Polkit. This affects an unknown part of the component XML Policy File Handler. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2025-7519. The attack needs to be approached locally. There is no exploit available.

Submit #610582 / VDB-316219

Submit #610579 / VDB-316218