Aggregator

出海安全必修课｜香港与国际众测平台全解析

8 months 3 weeks ago

出海浪潮下的安全挑战在全球化进程不断加速的当下，中国企业出海的步伐愈发坚定。无论是互联网科技企业拓展

CVE-2013-4888 | Springsignage Xibo 1.4.2 index.php layout cross site scripting (EDB-38746)

8 months 3 weeks ago

A vulnerability has been found in Springsignage Xibo 1.4.2 and classified as problematic. This vulnerability affects unknown code of the file index.php. The manipulation of the argument layout leads to cross site scripting. This vulnerability was named CVE-2013-4888. The attack can be initiated remotely. Furthermore, there is an exploit available.

vuldb.com

AutoPentest-DRL: Automated Penetration Testing Using Deep Reinforcement Learning

Penetration Testing Tools - Metepreter.org

8 months 3 weeks ago

AutoPentest-DRL is an automated penetration testing framework based on Deep Reinforcement Learning (DRL) techniques. The framework determines the most appropriate attack path for a given network and can be used to execute a simulated...

The post AutoPentest-DRL: Automated Penetration Testing Using Deep Reinforcement Learning appeared first on Penetration Testing Tools.

ddos

全球最富 500 人两天损失 5360 亿美元，马斯克最惨；小米 15 周年，雷军重发微博；清明国内短程自驾游是主流｜极客早知道

极客公园

8 months 3 weeks ago

美媒：科技与金融界知名人士组团赴海湖庄园，欲就关税问题与特朗普「讨论常识」； Meta 新旗舰 AI 模型 Llama 4 Maverick 测试成绩遭质疑，被指针对性优化；摩根士丹利预测：苹果手机价格或飙升，美关税政策重创苹果公司供应链

CVE-2023-6811 | Language Translate Widget Plugin up to 223 on WordPress api_key cross site scripting

Vuldb Updates

8 months 3 weeks ago

A vulnerability, which was classified as problematic, was found in Language Translate Widget Plugin up to 223 on WordPress. This affects an unknown part. The manipulation of the argument api_key leads to cross site scripting. This vulnerability is uniquely identified as CVE-2023-6811. It is possible to initiate the attack remotely. There is no exploit available.

vuldb.com

CVE-2024-27474 | Leantime 3.0.6 cross-site request forgery

Vuldb Updates

8 months 3 weeks ago

A vulnerability, which was classified as problematic, was found in Leantime 3.0.6. Affected is an unknown function. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2024-27474. It is possible to launch the attack remotely. There is no exploit available.

vuldb.com

CVE-2024-23734 | Savignano SNotify up to 2.0.0 User Profile Page cross-site request forgery

Vuldb Updates

8 months 3 weeks ago

A vulnerability, which was classified as problematic, was found in Savignano SNotify up to 2.0.0. This affects an unknown part of the component User Profile Page. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2024-23734. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

Patchwork APT组织最新Spyder后门样本分析

安全分析与研究

8 months 3 weeks ago

Patchwork APT组织最新Spyder后门样本分析

谛听工控安全月报 | 3月

谛听ditecting

8 months 3 weeks ago

3月│月报谛听工控安全月报上线了，工信部的最新政策，3月发生的多起工控安全事件，谛听团队收集的最新攻击教据......更多安全资讯，请关注“谛听ditecting",每月更新!

谛听工控安全月报 | 3月

谛听ditecting

8 months 3 weeks ago

PlaidCTF 2025

CTF Time

8 months 3 weeks ago

Name: PlaidCTF 2025 (an PlaidCTF event.)
Date: April 4, 2025, 9 p.m. — 06 April 2025, 21:00 UTC [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://plaidctf.com/
Rating weight: 100.00
Event organizers: Plaid Parliament of Pwning

GTC 2025: AI, Security & The New Blueprint

Trend Micro Research, News and Perspectives

8 months 3 weeks ago

From quantum leaps to AI factories, GTC 2025 proved one thing: the future runs on secure foundations.

Shannon Murphy

GreyNoise Observes 3X Surge in Exploitation Attempts Against TVT DVRs — Likely Mirai

Grey Noise

8 months 3 weeks ago

GreyNoise has observed a significant spike in exploitation attempts against TVT NVMS9000 DVRs. This information disclosure vulnerability can be used to gain administrative control over affected systems.