Submit #777668: FlowiseAI Flowise <= 3.0.12 Server-Side Request Forgery (CWE-918) [Accepted]
Submit #777668 / VDB-361279
Aggregator
The Administrator’s Shadow: How Hackers Turned a Popular GitHub Utility into an Invisible C2 Backdoor
1 week 3 days ago
Adversaries no longer find it requisite to engineer sophisticated malware from its inception. Frequently, the appropriation of a
The post The Administrator’s Shadow: How Hackers Turned a Popular GitHub Utility into an Invisible C2 Backdoor appeared first on Penetration Testing Tools.
ddos
Submit #777662: FlowiseAI Flowise <= 3.0.12 Server-Side Request Forgery (CWE-918) [Accepted]
1 week 3 days ago
Submit #777662 / VDB-361278
Eric-a
Submit #777661: FlowiseAI Flowise <= 3.0.12 Server-Side Request Forgery (CWE-918) [Accepted]
1 week 3 days ago
Submit #777661 / VDB-361277
Eric-a
Submit #777660: FlowiseAI Flowise <= 3.0.12 OS Command Injection (CWE-78) [Duplicate]
1 week 3 days ago
Submit #777660 / VDB-358753
Eric-a
Submit #777659: FlowiseAI Flowise <= 3.0.12 Exposure of Sensitive Information (CWE-200) [Accepted]
1 week 3 days ago
Submit #777659 / VDB-361276
Eric-a
Submit #777658: FlowiseAI Flowise <= 3.0.12 Improperly Controlled Modification of Dynamically-Determined Object Attributes (CWE-915) [Accepted]
1 week 3 days ago
Submit #777658 / VDB-361275
Eric-a
Submit #777657: FlowiseAI Flowise <= 3.0.12 Authorization Bypass Through User-Controlled Key (CWE-639) [Accepted]
1 week 3 days ago
Submit #777657 / VDB-361274
Eric-a
Submit #777656: FlowiseAI Flowise <= 3.0.12 Exposure of Sensitive Information (CWE-200) [Accepted]
1 week 3 days ago
Submit #777656 / VDB-361273
Eric-a
ФБР тоже читает чаты. Как переписка в мессенджере стоила хакеру восьми лет свободы
1 week 3 days ago
Суд вынес приговор латвийскому переговорщику, который давил на жертв чужими секретами.
日产汽车将在欧洲裁减九百名办公室员工
1 week 3 days ago
日产汽车将裁减欧洲员工的一成。英国工厂的2条生产线也将整合为1条。日产在接受采访时承认已开始与员工协商。日产将在包括英国、法国和西班牙在内的欧洲国家裁减九百名办公室员工。日产在全欧洲拥有约9300名员
MCP:从诞生到行业标准,从繁荣到安全危机
1 week 3 days ago
梳理MCP从兴起到生产的发展过程,解析工程痛点与安全风险
Emergency Patch: Critical RCE Vulnerability in Apache HTTP Server 2.4.67 Threatens Millions of Systems
1 week 3 days ago
A critical vulnerability has been identified within the ubiquitous Apache web server, potentially facilitating the complete compromise of
The post Emergency Patch: Critical RCE Vulnerability in Apache HTTP Server 2.4.67 Threatens Millions of Systems appeared first on Penetration Testing Tools.
ddos
微光成炬 | 第二届绿盟公益日圆满落幕
1 week 3 days ago
阅读: 94月27日至28日,由绿盟科技集团、北京绿盟公益基金会举办的第二届绿盟公益日活动在北京总部及成都、武汉、西安研发中心同步举行。为期两天的公益活动中,全员
Malicious PyTorch Lightning update hits AI supply chain security
1 week 3 days ago
A malicious PyTorch Lightning update (v2.6.3) on PyPI spread briefly, stealing credentials and raising major concerns about AI supply chain security. A malicious update of the PyTorch Lightning library exposed developers to credential theft and remote compromise. Attackers uploaded version 2.6.3 to the Python Package Index (PyPI), where it spread among developers before maintainers removed […]
Pierluigi Paganini
Malicious PyTorch Lightning update hits AI supply chain security
1 week 3 days ago
Malicious PyTorch Lightning update hits AI supply chain security
中国黑客被指向Daemon Tools植入后门
1 week 3 days ago
卡巴斯基的安全研究人员表示,他们已识别出一个恶意后门,被植入流行且长期运行的Windows磁盘映像软件Daemon Tools中。卡巴斯基周二表示,从全球运行卡巴斯基杀毒软件的计算机收集的数据显示,一
Хочешь смотреть клубничку, купи айфон. Apple стала главным пропускным пунктом для взрослых
1 week 3 days ago
Правда, пока только в Великобритании. И только со свежей версией ОС.
为了让「上厕所」更健康,我做了一个小工具
1 week 3 days ago
朋友们,浴室真的是一个灵感迸发的地方。在某天洗澡前的如厕时间,我突然想到,现在有许多人在上厕所的时候刷手机,导致如厕时间变长,进而容易增加痔疮等疾病的风险。那么,有没有可能做一个工具,像 Apple
因太像官方版,Notepad++ for Mac 改名 Nextpad++
1 week 3 days ago