Aggregator

构建AI时代的安全防线

Experts warn of a large-scale cryptocurrency miner campaign targeting Russian users with SilentCryptoMiner. Kaspersky researchers discovered a mass malware campaign spreading SilentCryptoMiner by disguising it as a tool to bypass internet restrictions. While investigating the increased use of Windows Packet Divert (WPD) tools by crooks to distribute malware under this pretense, the researchers spotted the […]

A vulnerability classified as critical was found in GE Vernova EnerVista UR Setup 8.42. Affected by this vulnerability is an unknown functionality. The manipulation leads to hard-coded credentials. This vulnerability is known as CVE-2025-27255. An attack has to be approached locally. There is no exploit available.

A vulnerability classified as critical has been found in GE Vernova EnerVista UR Setup up to 8.60. Affected is an unknown function of the component SSH Server. The manipulation leads to missing authentication. This vulnerability is traded as CVE-2025-27256. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability was found in GE Vernova EnerVista UR Setup 8.42. It has been rated as critical. This issue affects some unknown processing of the component Setting Handler. The manipulation leads to improper authentication. The identification of this vulnerability is CVE-2025-27254. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability was found in GE Vernova N60 Multilin, B30 Multilin, B90 Multilin, C30 Multilin, C60 Multilin, C70 Multilin, C95 Multilin, D30 Multilin, D60 Multilin, F35 Multilin, F60 Multilin, G30 Multilin, G60 Multilin, L30 Multilin, L60 Multilin, L90 Multilin, M60 Multilin, T35 Multilin and T60 Multilin up to 8.60. It has been declared as critical. This vulnerability affects unknown code of the component Port Forwarding Handler. The manipulation leads to improper access controls. This vulnerability was named CVE-2025-27253. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability was found in GE Vernova N60 Multilin, B30 Multilin, B90 Multilin, C30 Multilin, C60 Multilin, C70 Multilin, C95 Multilin, D30 Multilin, D60 Multilin, F35 Multilin, F60 Multilin, G30 Multilin, G60 Multilin, L30 Multilin, L60 Multilin, L90 Multilin, M60 Multilin, T35 Multilin and T60 Multilin up to 8.60. It has been classified as problematic. This affects an unknown part of the component Firmware Handler. The manipulation leads to insufficient verification of data authenticity. This vulnerability is uniquely identified as CVE-2025-27257. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability was found in OTRS up to 7.0.x/8.0.x/2023.x/2024.x/2025.1.2 and classified as problematic. Affected by this issue is some unknown functionality of the component Endpoint. The manipulation leads to sensitive cookie with improper samesite attribute. This vulnerability is handled as CVE-2025-24387. The attack may be launched remotely. There is no exploit available.

Malicious use of AI is reshaping the fraud landscape, creating major new risks for businesses

逆向分析与安全开发人员必修课！

美国得州 55 岁程序员因不满降职，在公司系统植入恶意软件泄愤，造成巨大损失，被判最高 10 年监禁。

看雪论坛作者ID：ChuXinﻬ.