Aggregator

Submit #607948 / VDB-316984

Submit #607947 / VDB-316983

Submit #605663 / VDB-316982

Submit #605655 / VDB-316981

Submit #605633 / VDB-316980

Submit #605618 / VDB-316979

Valve 首次回应 Steam 下架大量成人或色情游戏事件，称因支付渠道、卡组织及银行施压而不得不执行。此行为遵循 Steam 开发者文档第 15 条规则，并非公司本意。类似情况也发生在 PornHub 和 Tumblr 等平台。未来涉及成人或色情内容的游戏可能面临更多限制和封禁风险。

The cybersecurity landscape continues to face significant threats from sophisticated information stealers, with Lumma emerging as one of the most prevalent and dangerous malware families targeting both consumer and enterprise environments. This malicious software systematically harvests enormous volumes of sensitive data from infected machines, including login credentials, cryptocurrency wallet information, personally identifiable information, session tokens, […]

The post Lumma Infostealer Steal All Data Stored in Browsers and Selling Them in Underground Markets as Logs appeared first on Cyber Security News.

Пока мы спорим о законах, ИИ учится их обходить.

360预警：政企安全告急！微信PC版漏洞或成敏感数据窃取新通道

作者搬到班加罗尔后希望结识对漏洞赏金、CVE研究、安全工具及CTF感兴趣的人，计划组成4-5人的小组协作学习，并偶尔线下交流。

英特尔终止对 Clear Linux 发行版的支持，停止提供安全补丁、更新和维护，并将代码库转为只读模式。建议用户迁移到其他活跃维护的发行版。尽管如此，英特尔仍将继续投资 Linux 生态系统并支持开源项目。

最近大规模裁员和重组的芯片巨头突然宣布终止对 Clear Linux 发行版的支持，从即日起不再为 Clear Linux OS 提供安全补丁、更新或维护，项目托管在 GitHub 上的代码库将转为只读模式，它建议使用 Clear Linux 的用户尽快迁移到其它活跃维护的发行版。英特尔在声明中同时强调会继续投资 Linux 生态系统，积极支持和贡献开源项目和 Linux 发行版，支持和优化英特尔硬件。英特尔是在 2015 年为解决容器安全问题而宣布了 Clear Linux 发行版项目，至今有十年历史。

BurpSuite+MitmProxy 自动计算 Sign前言之前发表过关于 Sign 值的说明, 可以说这

当前环境出现异常问题，需完成验证后方可继续访问相关内容或功能。

A vulnerability was found in thinkgem JeeSite up to 5.12.0. It has been declared as problematic. This vulnerability affects the function xssFilter of the file src/main/java/com/jeesite/common/codec/EncodeUtils.java of the component XSS Filter. The manipulation of the argument text leads to cross site scripting. This vulnerability was named CVE-2025-7865. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in thinkgem JeeSite up to 5.12.0. It has been classified as critical. This affects the function Upload of the file src/main/java/com/jeesite/modules/file/web/FileUploadController.java. The manipulation leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2025-7864. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in thinkgem JeeSite up to 5.12.0 and classified as problematic. Affected by this issue is the function redirectUrl of the file src/main/java/com/jeesite/common/web/http/ServletUtils.java. The manipulation of the argument url leads to open redirect. This vulnerability is handled as CVE-2025-7863. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

这是一个地下技能社区，旨在帮助新手成长为资深黑客。成员可在此提问、解答和学习，并通过Discord进行交流。

Submit #618190 / VDB-316978