Aggregator

SecWiki周刊（第574期) by ourren

SecWiki周刊（第573期) by ourren

基于DeepSeek/AI的资产测绘与威胁图谱构建 by ourren

更多最新文章，请访问SecWiki

A vulnerability was found in wphrmanager The Human Resources Plugin up to 3.1.0 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-23843. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in EP4 More Embeds Plugin up to 1.0.0 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-25083. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in WP Easy Post Mailer Plugin up to 0.64 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-23956. The attack can be launched remotely. There is no exploit available.

去年底美国联邦破产法院法官 Christopher Lopez 以竞拍缺乏透明度、不公平竞争以及未能最大化价值为由拒绝将 Alex Jones 的 Infowars 公司出售给洋葱新闻（The Onion）。Jones 因宣称发生在 2012 年 12 月 14 日的 Sandy Hook 小学枪击案是一场骗局而被受害者家属提起诉讼，2022 年他被勒令向受害者家属赔偿逾 10 亿美元，而 Jones 在继续上诉的同时申请了破产，法官则同意清算其资产以支付赔偿金。竞拍 Infowars 资产的有代表 Jones 的 First United American Companies LLC(FUAC)，以及洋葱新闻。FUAC 出价 350 万美元现金，而洋葱出价较低但获得了受害者家属的支持，然而这一结果最后遭到了法官的拒绝。现在一家 AI 娱乐公司 WOW.AI LLC 对 Infowars 资产提出了竞标，报价是 350 万美元现金，以及模因币 $WARS meme 供应量的 51%，持有模因币的受害者家属将可以决定 Infowars 的未来。

A Threat Actor Claims to be Selling Full Admin Access to a WordPress Site

Have you silenced WAF alerts in your SIEM or just stopped sending them altogether? You're not alone. Many SOCs find themselves overwhelmed by the sheer volume of noise generated by traditional WAFs, forcing them to choose between alert fatigue or a critical visibility gap on the application layer.

The post Enhancing Application Security | Contrast ADR and Splunk | Contrast Security appeared first on Security Boulevard.

Rey Claims to have Leaked the Data of Zurich Insurance

Ddarknotevil is Claiming to Sell the Data of Asian Football Confederation

By proactively addressing liabilities tied to software updates, data loss, and AI technologies, businesses can mitigate risks and achieve compliance.

今天给大家介绍一个AI搜索引擎：https://cylect.io/

The US Cybersecurity and Infrastructure Security Agency confirmed it will keep defending against Russian cyber threats to US critical infrastructure

火星的红色长久以来被认为来自氧化铁（铁锈），其形成机制与火星早期的水与岩石作用有关。最新研究显示，火星的红色更可能来自水铁矿（ferrihydrite），这是一种需要液态水才能形成的含水氧化铁。水铁矿通常在冷水环境中迅速形成，这意味着它必定是在火星仍有液态水时产生的。即便经过数十亿年的风化与散布，它仍保留了水的特征，显示火星的锈蚀可能比先前认为的时间更早。这一发现为火星的气候演化与潜在适居性提供了新的线索。与通常在干燥、高温环境下形成的赤铁矿（hematite）不同，水铁矿的形成需要冷水环境，显示火星可能比我们先前认为的更长时间维持适合液态水存在的条件，进一步支持火星曾有适居环境的可能性。

​Microsoft says a coding issue is behind a now-resolved Microsoft 365 outage over the weekend that affected Outlook and Exchange Online authentication. [...]

Главные выводы исследования DLBI.