Aggregator

塑料制品磨损会释放微小的塑料颗粒，这些颗粒几乎肉眼不可见，若被人体摄入或吸入，可能会影响人体健康。为了使这些颗粒可生物降解，研究人员用植物淀粉而非石油来制造塑料。《农业与食品化学杂志》发表的一项初步研究表明，动物摄入这种由替代材料制成的塑料颗粒后产生了健康问题，例如肝损伤和肠道微生物组失衡。可生物降解的塑料一直被视为是一种比传统石油基塑料更安全、更环保的替代品。最常见的一种源自淀粉，淀粉是土豆、大米和小麦中所含的一种碳水化合物。关于淀粉基可生物降解塑料对人体有何影响，目前尚缺乏相关信息。由南京东南大学 Yongfeng Deng 领导的一组研究人员通过动物试验探究这些影响以解决这个问题。暴露于淀粉基塑料颗粒的小鼠出现多个器官（包括肝脏和卵巢）受损，且高剂量组小鼠的损伤更为明显；血糖管理发生改变，包括甘油三酯（一种脂肪）水平显著异常，血糖和脂质代谢相关的分子生物标志物出现紊乱。研究人员认为需要进一步研究以了解这些可生物降解的颗粒在体内的分解方式。

IPFire has announced the release of version 2.29 (Core Update 193), introducing significant enhancements to the Linux-based firewall distribution.  This update brings forward-thinking security features, including post-quantum cryptography support for IPsec tunnels and major toolchain upgrades that strengthen the system’s core infrastructure. Post-Quantum Cryptography Implementation The standout feature in IPFire 2.29 is the implementation of […]

The post Linux Firewall IPFire 2.29 Released With Support for Post-Quantum Cryptography & Core Updates appeared first on Cyber Security News.

黑客“Satanic”声称通过第三方集成导致WooCommerce数据泄露，440万用户记录被出售。

2024全球僵尸网络威胁态势深度洞察

看雪论坛作者ID：BitWarden

A vulnerability has been found in Eclime 1.1.2b and classified as critical. This vulnerability affects unknown code of the file index.php. The manipulation of the argument Country leads to sql injection. This vulnerability was named CVE-2010-4851. The attack can be initiated remotely. Furthermore, there is an exploit available.

Cybersecurity researchers have identified a significant spike in exploitation attempts targeting TVT NVMS9000 digital video recorders (DVRs), with activity surging to three times normal levels in early April 2025. This new campaign appears to be linked to the infamous Mirai botnet, which continues to evolve by incorporating new vulnerabilities into its arsenal of attack vectors. […]

The post New Mirai Botnet Exploiting TVT DVRs To Gain Administrative Control appeared first on Cyber Security News.

Law enforcement authorities have announced that they tracked down the customers of the SmokeLoader malware and detained at least five individuals. "In a coordinated series of actions, customers of the Smokeloader pay-per-install botnet, operated by the actor known as 'Superstar,' faced consequences such as arrests, house searches, arrest warrants or 'knock and talks,'" Europol said in a

История андроида, который хотел, чтобы от него отстали… Но вынужден спасать мир.

2025年3月20日，国家信息安全漏洞共享平台（CNVD）收录了Foxmail邮件客户端跨站脚本攻击漏洞（CNVD-2025-06036）。

2025年3月20日，国家信息安全漏洞共享平台（CNVD）收录了Foxmail邮件客户端跨站脚本攻击漏洞（CNVD-2025-06036）。

A vulnerability, which was classified as critical, was found in detheme DethemeKit for Elementor Plugin up to 2.1.10 on WordPress. Affected is an unknown function. The manipulation leads to missing authorization. This vulnerability is traded as CVE-2025-32260. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability has been found in Woocommerce Advanced Product Organizer – Dynamic Sorting & Reordering Plugin up to 1.9 on WordPress and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to missing authorization. This vulnerability is known as CVE-2025-32236. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in FooBox Image Lightbox Plugin up to 2.7.33 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-32139. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in vcita Contact Form Builder Plugin up to 4.10.2 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-32199. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Swatchly Plugin 1.2.8/1.4.0 on WordPress. Affected is an unknown function of the component Options Update Handler. The manipulation leads to missing authorization. This vulnerability is traded as CVE-2025-2719. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability classified as critical was found in Embedder Plugin 1.3/1.3.5 on WordPress. Affected by this vulnerability is the function ajax_set_global_option. The manipulation leads to improper authorization. This vulnerability is known as CVE-2025-3417. The attack can be launched remotely. There is no exploit available.