Aggregator

A vulnerability has been found in Cisco ASR 1002 Router and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Listener. The manipulation leads to improper input validation. This vulnerability is listed as CVE-2012-1366. The attack must be carried out from within the local network. There is no available exploit. The affected component should be upgraded.

A vulnerability was found in Cisco IOS 15.1 and classified as problematic. Affected by this issue is some unknown functionality of the component Multicast Listener Discovery. The manipulation results in improper input validation. This vulnerability is cataloged as CVE-2012-3062. The attack must originate from the local network. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in Cisco IOS up to 15.3 on Cisco 2900. It has been classified as problematic. This affects an unknown part of the component TDM/HDLC. This manipulation causes denial of service. This vulnerability is registered as CVE-2012-3918. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended.

A vulnerability was found in Cisco IOS 15.1. It has been declared as problematic. This vulnerability affects unknown code of the component Session. Such manipulation leads to denial of service. This vulnerability is documented as CVE-2012-4638. The attack needs to be performed locally. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Cisco IOS up to 15.3. It has been rated as problematic. This issue affects some unknown processing of the component ScanSafe. Performing a manipulation results in numeric error. This vulnerability is reported as CVE-2012-4651. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is advised.

A vulnerability categorized as problematic has been discovered in Cisco ios up to 15.1. Impacted is an unknown function of the component HTTP Service. Executing a manipulation can lead to improper authentication. This vulnerability appears as CVE-2012-4658. The attack may be performed from remote. There is no available exploit. It is advisable to upgrade the affected component.

Как компания оправдывает внедрение алгоритмов и на что рассчитывает?

Dubai, UAE, 11th May 2026, CyberNewswire

The campaign quietly compromises aerospace and drone operators to exfiltrate GIS files, terrain models, and GPS data and gain a clear picture of adversaries' world view.

Using Artificial Intelligence to find vulnerabilities can bring added security considerations.

南京大学的生化学家 Xin Yin 在一个明媚的下午给小鼠当私人训练员，将小鼠放到小型跑步机上跑步。它们都是运动健将，比对照组跑的更久，乳酸积累也更少。但这些小鼠和对照组在基因上并无差异，它们之所以运动表现更出色可能与它们的父亲的运动习惯相关。这一发现表明，跑步不仅对运动者本人有益，也可能对未出生的孩子有益。Xin Yin 的团队发现，运动小鼠精子中被称为 microRNA 的 RNA 片段浓度比不运动小鼠高。将这些分子注射到不相关的胚胎内，产下的后代与有运动习惯的父亲的后代的运动表现一样出色。过去二十年对小鼠的研究发现，除了 DNA，精子还会将 microRNA 等 RNA 片段遗传给后代。这些 RNA 片段的浓度会随运动或懒惰、高脂肪或高糖饮食、日常压力、童年创伤、酗酒以及接触杀虫剂有害物质等因素发生波动。研究发现，父母超重或承受心理健康压力其后代也更容易出现这些状况。

Traditional ransomware disrupts organizations by encrypting data and demanding payment for decryption keys. However, a newly disclosed technique called GhostLock demonstrates a fundamentally different availability attack that achieves the same business disruption without writing a single encrypted byte to disk. Discovered by Kim Dvash, an Offensive Security Team Leader, GhostLock exploits standard Windows file-sharing behavior […]

The post GhostLock Attack Leverages Windows file-sharing to Lock Files Access Like Ransomware appeared first on Cyber Security News.

Submit #809371 / VDB-362590

A sophisticated new cyberattack campaign is targeting Windows systems using a fake image file to sneak dangerous malware past security defenses. The operation, named Operation SilentCanvas, tricks victims into running a malicious PowerShell script disguised as a harmless JPEG photo, ultimately handing attackers full and silent control of the infected machine. The attack begins when […]

The post Hackers Use Weaponized JPEG File to Deploy Trojanized ScreenConnect Malware appeared first on Cyber Security News.

Defending a network at 2 am looks a lot like this: an analyst copy-pasting a hash from a PDF into a SIEM query. A red team script is being rewritten by hand so the blue team can use it. A patch waiting on a change-approval window that's longer than the exploitation window itself. Nobody in that chain is incompetent. Every human is doing their job correctly. The problem is the system, its

Команда HEX.TEAM приглашает на экспертный вебинар 19 мая в 15:00 (МСК).

A vulnerability classified as problematic has been found in Industrial Application Software IAS Canias ERP 8.03. This impacts an unknown function of the component Login RMI Interface. The manipulation of the argument clientVersion leads to improper authentication. This vulnerability is traded as CVE-2026-8244. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability described as problematic has been identified in Industrial Application Software IAS Canias ERP 8.03. This affects an unknown function of the component JNLP Deployment Endpoint. Executing a manipulation can lead to use of hard-coded cryptographic key . This vulnerability appears as CVE-2026-8243. The attack may be performed from remote. There is no available exploit. The vendor was contacted early about this disclosure but did not respond in any way.

German police shut down a revived Crimenetwork marketplace with 22,000 users and 100+ sellers months after the original takedown. German police dismantled a resurrected version of the German-language cybercrime marketplace Crimenetwork, just months after the original platform was taken down. The second iteration of the site had already attracted more than 22,000 users and over […]

A vulnerability identified as critical has been detected in Apple iOS and iPadOS up to 15.4.1. This impacts an unknown function of the component WebKit. Performing a manipulation results in use after free. This vulnerability is known as CVE-2022-26717. Remote exploitation of the attack is possible. No exploit is available. You should upgrade the affected component.