Aggregator

A vulnerability was found in Oncord+ Android Infotainment Systems OS Android. It has been classified as critical. Affected is an unknown function of the component ADB Port. The manipulation leads to privilege escalation. This vulnerability is traded as CVE-2024-36842. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Mozilla Thunderbird up to 128.9.1/137.0.1 on Windows and classified as problematic. This issue affects some unknown processing of the component File Name Handler. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2025-2830. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Thunderbird up to 128.9.1/137.0.1 and classified as problematic. This vulnerability affects unknown code of the component Header Handler. The manipulation of the argument X-Mozilla-External-Attachment-URL leads to improper restriction of rendered ui layers. This vulnerability was named CVE-2025-3523. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Mozilla Thunderbird up to 128.9.1/137.0.1. This affects an unknown part of the component Header Handler. The manipulation of the argument X-Mozilla-External-Attachment-URL leads to information disclosure. This vulnerability is uniquely identified as CVE-2025-3522. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Ожившие Тесла, Кюри и другие разносят давнюю психологическую теорию.

简单讲述了研究沙箱和对抗沙箱与杀软检测的初尝试

A vulnerability classified as critical was found in Shiba-Design Nukecalendar 1.1.a. Affected by this vulnerability is an unknown functionality of the file modules.php of the component Modules. The manipulation of the argument eid leads to sql injection. This vulnerability is known as CVE-2004-1914. The attack can be launched remotely. Furthermore, there is an exploit available.

An interconnected digital landscape differentiates the current era from previous ones, as using the internet for various personal and professional purposes was uncommon then. While this phenomenon has eased multiple tasks for people of different demographics, it has also resulted in an increase and evolution of cybersecurity threats. Modern-day hackers often try to scam netizens […]

The post Spotting Phishing Attacks with Image Verification Techniques appeared first on Cyber Security News.

Russia-backed APT29's latest campaign once again uses malicious invites to wine-tasting events as its lure, but this time targets a different set of vintages — errr, victims — and delivers a novel backdoor, GrapeLoader.

整整配了3天3夜，才找到一个门槛低，操作相对容易的软件。为了让大家更好的做测试，就想分享一下吧。

A vulnerability was found in AyaCMS 3.1.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file ust_sql.inc.php. The manipulation leads to code injection. This vulnerability is known as CVE-2022-46101. Access to the local network is required for this attack. There is no exploit available.

A vulnerability was found in AyaCMS 3.1.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /aya/module/admin/fst_down.inc.php. The manipulation leads to unrestricted upload. This vulnerability is handled as CVE-2022-46102. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability classified as problematic has been found in AyaCMS 3.1.2. This affects an unknown part of the file /aya/module/admin/fst_del.inc.php. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2022-47926. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability classified as critical was found in Classcms 3.5. Affected by this vulnerability is an unknown functionality. The manipulation leads to unrestricted upload. This vulnerability is known as CVE-2022-45966. Access to the local network is required for this attack to succeed. There is no exploit available.

利用马尔可夫链指纹分类加密流量 by ourren

Tor的Snowflake桥接流量分类分析 by ourren

我的网络安全ToB思考 by ourren

The (Anti-)EDR Compendium EDR检测与攻击技术学习网站 by ourren

更多最新文章，请访问SecWiki

Письмо с файлом, кнопка «Скачать», а дальше — социальная инженерия в действии .

华盛顿州立大学考古学家 Tim Kohler 领导的研究团队从全球 1100 个考古遗址的 4.7 万多座住宅建筑中提取数据，将房屋大小作为衡量财富的标准。分析表明，在世界各地不同文明出现农业大约 1500 年后，财富不平等开始加剧。这种现象是由人口增长、对土地的竞争和等级制定居点的发展驱动的。研究强调了造成不平等的几个关键因素。因为农业社区的发展，土地成为一种有限的资源，引发了竞争，也催生了诸如梯田和灌溉等提高生产力的创新。随着时间的推移，更大的定居点成为经济和政治活动的中心，财富开始集中在少数家庭手中。财富差距在人口密集的定居点尤其明显，比小型定居点表现出更大的不平等。研究的一个重要发现是，财富不平等早于文字记录，有证据表明，即使在最早的农业社会也存在财富差距。通过将衡量不平等的标准指标——基尼系数应用于古代房屋大小的研究，研究人员发现，早期农业村庄相对平等。然而，随着定居点变得更大、更复杂，财富差距也在不断扩大。