Aggregator

Пентагон создает невидимый штаб, который научит машины воевать, а людей — доверять.

Submit #513243 / VDB-298787

A vulnerability has been found in huang-yk student-manage 1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2025-2042. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in huang-yk student-manage 1.0. This affects an unknown part of the component Edit a Student Information Page. The manipulation of the argument Class leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-13902. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

黑客组织 EncryptHub 通过钓鱼攻击和木马化应用部署勒索软件及窃密程序，利用 PPI 服务扩大攻击。

美国私营太空公司 Firefly Aerospace 3 月 2 日宣布其月球着陆器 Blue Ghost 成功登陆月球表面，成为首个实现月球软着陆的商业公司。NASA 表示，这项公私合作项目成功演示了在月球上使用地基 GPS 导航信号的能力，标志着阿尔忒弥斯登月任务向前迈进了一大步。精确且可靠的导航对执行月球飞行任务的未来宇航员至关重要，但在距离地球 36 万公里的地方传统的导航工具基本没什么用。一种解决方法是将 Global Navigation Satellite System(GNSS) 的数据传输到月球表面以自动测量时间、速度和位置。Blue Ghost 搭载的项目之一就是 NASA 和意大利航天局合作的 Lunar GNSS Receiver Experiment(LuGRE)。LuGRE 依赖于两大 GNSS 星座——GPS 和 Galileo，基于数十颗提供实时跟踪数据的中地球轨道卫星进行三角定位。

CrowdStrike 发布 2025 财年第四季度财报，全年收入达 39.5 亿美元，ARR 突破 42.4 亿美元。云安全、身份保护和 SIEM 三大新业务 ARR 总额超 13 亿美元，同比增长近 50%。

CrowdStrike 发布 2025 财年第四季度财报，全年收入达 39.5 亿美元，ARR 突破 42.4 亿美元。云安全、身份保护和 SIEM 三大新业务 ARR 总额超 13 亿美元，同比增长近 50%。

CrowdStrike 发布 2025 财年第四季度财报，全年收入达 39.5 亿美元，ARR 突破 42.4 亿美元。云安全、身份保护和 SIEM 三大新业务 ARR 总额超 13 亿美元，同比增长近 50%。

CrowdStrike 发布 2025 财年第四季度财报，全年收入达 39.5 亿美元，ARR 突破 42.4 亿美元。云安全、身份保护和 SIEM 三大新业务 ARR 总额超 13 亿美元，同比增长近 50%。

CrowdStrike 发布 2025 财年第四季度财报，全年收入达 39.5 亿美元，ARR 突破 42.4 亿美元。云安全、身份保护和 SIEM 三大新业务 ARR 总额超 13 亿美元，同比增长近 50%。

CrowdStrike 发布 2025 财年第四季度财报，全年收入达 39.5 亿美元，ARR 突破 42.4 亿美元。云安全、身份保护和 SIEM 三大新业务 ARR 总额超 13 亿美元，同比增长近 50%。

CrowdStrike 发布 2025 财年第四季度财报，全年收入达 39.5 亿美元，ARR 突破 42.4 亿美元。云安全、身份保护和 SIEM 三大新业务 ARR 总额超 13 亿美元，同比增长近 50%。

Submit #512940 / VDB-298786

本文将深入探讨并研究这种特定的攻击手段——Fake CAPTCHA。

360安全预警：虚假Microsoft 365背后实为Montelli勒索陷阱

A vulnerability, which was classified as critical, has been found in s-a-zhd Ecommerce-Website-using-PHP 1.0. Affected by this issue is some unknown functionality of the file /shop.php. The manipulation of the argument p_cat leads to sql injection. This vulnerability is handled as CVE-2025-2041. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in zhijiantianya ruoyi-vue-pro 2.4.1. Affected by this vulnerability is an unknown functionality of the file /admin-api/bpm/model/deploy. The manipulation leads to improper neutralization of special elements used in a template engine. This vulnerability is known as CVE-2025-2040. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in OpenVPN up to 2.6.9 on Windows. Affected is an unknown function of the component Plug-in Handler. The manipulation leads to unverified ownership. This vulnerability is traded as CVE-2024-27903. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in OpenVPN up to 2.6.9. This issue affects some unknown processing of the component Service Pipe Handler. The manipulation leads to improper restriction of communication channel to intended endpoints. The identification of this vulnerability is CVE-2024-24974. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.