Aggregator

A vulnerability was found in Google Chrome and classified as critical. This issue affects some unknown processing of the component V8. The manipulation leads to out-of-bounds write. The identification of this vulnerability is CVE-2025-5280. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Python up to 2.7.16/3.7.2 and classified as critical. Affected by this vulnerability is an unknown functionality in the library urllib.request.urlopen of the component urllib2. The manipulation as part of Query String leads to crlf injection. This vulnerability is known as CVE-2019-9947. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Google Chrome and classified as critical. Affected by this issue is some unknown functionality of the component libvpx. The manipulation leads to use after free. This vulnerability is handled as CVE-2025-5283. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

HackerNews 编译，转载请注明出处： 一名伊朗籍公民在美国联邦法院承认参与运营Robbinhood勒索软件团伙，该组织通过一系列勒索攻击瘫痪了全美多个市政厅、医院及私营企业系统。司法部表示，Sina Gholinejad于本周二对计算机欺诈与电信欺诈共谋罪认罪，承认与同伙入侵数十个网络，使用Robbinhood恶意软件加密数据并勒索比特币赎金。Gholinejad将于8月宣判，最高面临30年监禁。 Robbinhood最臭名昭著的攻击是2019年5月针对巴尔的摩市的入侵事件，迫使市政部门切断数百台电脑网络连接，导致水费、房产税及停车费在线支付系统瘫痪。巴尔的摩市最终耗费超1900万美元用于系统恢复与弥补收入损失，北卡罗来纳州、俄勒冈州、纽约州及新泽西州也有其他受害者。 检方指出，Robbinhood团伙采用类似现代勒索软件即服务（RaaS）的运营模式，其犯罪活动可追溯至2019年初。攻击者在受害机构留下勒索信，引导受害者通过Tor暗网平台协商赎金，要求以比特币支付。司法部透露，赎金到账后，该团伙通过混币器与其他加密货币进行“链跳”操作隐匿资金流向，并利用多层VPN掩盖登录痕迹。 美国检察官丹尼尔·布巴尔表示：“网络犯罪并非无受害者的罪行，这是对我们社区的定向攻击。Gholinejad及其同伙策划的勒索计划扰乱民生、企业及地方政府运作，导致受害者和机构蒙受数千万美元损失。”       消息来源： securityweek； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

通达OA OfficeTask其组件定时任务服务OfficeTask开放udp端口2397，未授权接收数据，并根据数据中的命令控制字符串，执行指定任务。导致存在未授权任意php文件执行、SQL注入漏洞。

下站见~

HackerNews 编译，转载请注明出处： 德国运动服饰巨头阿迪达斯披露，攻击者入侵某客户服务提供商后窃取部分客户数据。该公司于5月24日（周五）声明称：“阿迪达斯近期发现未经授权的外部方通过第三方客户服务提供商获取了部分消费者数据。我们立即采取措施控制事件影响，并联合顶尖信息安全专家启动全面调查。” 阿迪达斯补充称失窃信息不包含受影响客户的支付信息或密码，因攻击者仅获取联系方式。公司已就此事通报相关监管机构，并将按法律要求通知受影响的个人。 “阿迪达斯正依照适用法律向可能受影响的消费者、数据保护机构及执法部门发出通知，”声明强调，“我们始终致力于保护消费者隐私与安全，对此次事件造成的不便深表歉意。” 目前阿迪达斯尚未披露事件细节，包括受影响服务商名称、入侵发现时间、受影响人数以及公司自有网络是否遭渗透。当BleepingComputer联系阿迪达斯询问事件进展时，发言人表示“暂无最新消息，周五声明仍然有效”。 本月早些时候，阿迪达斯曾披露影响土耳其与韩国客户的数据泄露事件，涉及2024年及此前联系过客服中心的消费者。失窃信息包括姓名、电子邮箱、电话号码、出生日期与地址。2018年6月，阿迪达斯美国官网遭入侵，导致数百万购物者的联系信息、用户名及加密密码外泄。       消息来源：bleepingcomputer； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

本周，互联网网络安全态势整体评价为良。

HackerNews 编译，转载请注明出处： 越南已命令当地电信服务提供商封禁广受欢迎的即时通讯平台Telegram，理由是国家安全担忧以及该公司涉嫌未能遵守当地法律。 科技部据称表示，Telegram未配合越南当局处理该应用程序上的犯罪活动，包括欺诈和毒品交易。电信公司已被指示实施封禁并于6月2日前报告执行情况。 近期政府报告指控，越南境内可访问的9,600个Telegram频道中有近70%涉及非法活动，包括反政府内容和所谓“颠覆性”文件的传播。当局还指责Telegram在刑事调查期间无视删除非法内容和分享用户数据的要求。 Telegram发言人告诉路透社，公司对封禁决定感到惊讶，并补充称其已及时响应越南的法律请求。该公司未立即回应Recorded Future News的提问。 作为一党制共产主义国家，越南对网络内容保持严格管控，并有施压全球科技公司遵守当地法规的记录。包括自由之家在内的人权监督机构警告称，针对记者、活动人士和用户的审查制度及惩罚措施正在增加。 这不是越南首次与主要科技平台发生冲突。2020年，据报越南曾威胁封禁Facebook，除非其限制更多内容；2023年又以类似指控考虑封禁TikTok。这两个平台目前仍可访问。 Telegram的俄罗斯籍创始人帕维尔·杜罗夫（Pavel Durov）今年早些时候在法国被捕，指控理由是该平台未能遏制网络犯罪和金融欺诈。 杜罗夫被捕后表示，他的目标是让应用程序“更安全、更强大”。 “Telegram用户数量激增至9.5亿导致发展阵痛，这使得犯罪分子更容易滥用我们的平台，”杜罗夫写道。“这就是为什么我把显著改善这方面作为个人目标。”       消息来源：therecord； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability, which was classified as critical, has been found in PHP Heaven phpMyChat 0.14.5. Affected by this issue is some unknown functionality of the file edituser.php3. The manipulation of the argument do_not_login leads to improper authentication. This vulnerability is handled as CVE-2004-2715. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Google Android. It has been classified as critical. Affected is the function gpu_pixel_handle_buffer_liveness_update_ioctl of the file private/google-modules/gpu/mali_kbase/platform/pixel/pixel_gpu_slc.c. The manipulation leads to out-of-bounds write. This vulnerability is traded as CVE-2023-48421. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in EverShop NPM up to 1.0.0-rc.4. It has been rated as problematic. Affected by this issue is the function ProductGrid of the file admin/productGrid/Grid.jsx. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2023-46494. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Zammad up to 6.1.x. It has been classified as problematic. This affects an unknown part of the component Notification Handler. The manipulation leads to an unknown weakness. This vulnerability is uniquely identified as CVE-2023-50456. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Google Android and classified as problematic. This issue affects some unknown processing of the component U-Boot. The manipulation leads to privilege escalation. The identification of this vulnerability is CVE-2023-48425. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Totolink A7000R 9.1.0u.6115_B20201022. It has been classified as critical. This affects the function setOpModeCfg. The manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2023-49417. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability was found in File Manager Plugin up to 6.2 on WordPress. It has been classified as critical. Affected is an unknown function. The manipulation leads to path traversal. This vulnerability is traded as CVE-2023-5907. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in BeyondTrust Privilege Management up to 5.6 on macOS. Affected by this vulnerability is an unknown functionality. The manipulation leads to Local Privilege Escalation. This vulnerability is known as CVE-2021-3187. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in ProLion CryptoSpike 3.0.15P2. It has been rated as critical. This issue affects some unknown processing of the component REST API Endpoint. The manipulation of the argument Search leads to sql injection. The identification of this vulnerability is CVE-2023-36652. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Apple iOS and iPadOS. It has been classified as problematic. Affected is an unknown function of the component Kernel Memory Handler. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2023-42884. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple macOS. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Kernel Memory Handler. The manipulation leads to information disclosure. This vulnerability is known as CVE-2023-42884. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.