相關新聞
Microsoft IIS Web Deploy Vulnerability Let Attackers Execute Remote Code
A critical vulnerability in the Microsoft Web Deploy tool could allow authenticated attackers to execute remote code on affected systems. The vulnerability, tracked as CVE-2025-53772, was disclosed on August 12, 2025, and carries a CVSS score of 8.8, ...
Cyber Security News
2025年08月16日 293 觀看次數
Researcher to release exploit for full auth bypass on FortiWeb
A security researcher has released a partial proof of concept exploit for a vulnerability in the FortiWeb web application firewall that allows a remote attacker to bypass authentication. [...]
Bleepingcomputer
2025年08月16日 335 觀看次數
New FireWood Malware Attacking Linux Systems to Execute Commands and Exfiltrate Sensitive Data
A sophisticated new variant of the FireWood backdoor has emerged, targeting Linux systems with enhanced evasion capabilities and streamlined command execution functionality. This latest iteration represents a significant evolution of the malware family first discovered by ESET’s research team, which has been linked to the...
Cyber Security News
2025年08月15日 282 觀看次數
Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild
Fortinet is warning about a remote unauthenticated command injection flaw in FortiSIEM that has in-the-wild exploit code, making it critical for admins to apply the latest security updates. [...]
Bleepingcomputer
2025年08月14日 305 觀看次數
Google confirms data breach exposed potential Google Ads customers' info
Google has confirmed that a recently disclosed data breach of one of its Salesforce CRM instances involved the information of potential Google Ads customers.
Bleeping Computer
2025年08月11日 318 觀看次數
WinRAR zero-day exploited to plant malware on archive extraction
A recently fixed WinRAR vulnerability tracked as CVE-2025-8088 was exploited as a zero-day in phishing attacks to install the RomCom malware.
Bleeping Computer
2025年08月11日 295 觀看次數
Hackers Weaponizing SVG Files With Malicious Embedded JavaScript to Execute Malware on Windows Systems
Cybercriminals have begun exploiting Scalable Vector Graphics (SVG) files as sophisticated attack vectors, transforming seemingly harmless image files into potent phishing weapons capable of executing malicious JavaScript on Windows systems. This emerging threat leverages the XML-based structure of SVG files to embed and execute...
Cyber Security News
2025年08月08日 239 觀看次數
Pandora confirms data breach amid ongoing Salesforce data theft attacks
Danish jewelry giant Pandora has disclosed a data breach after its customer information was stolen in the ongoing Salesforce data theft attacks. [...]
Bleepingcomputer
2025年08月06日 294 觀看次數
Patch now: Millions of Dell PCs with Broadcom chips vulnerable to attack
Psst, wanna steal someone's biometrics?
black hat Critical security flaws in Broadcom chips used in more than 100 models of Dell computers could allow attackers to take over tens of millions of users' devices, steal passwords, and access sensitive data, including...
The Register
2025年08月06日 244 觀看次數
Cybercrooks attached Raspberry Pi to bank network and drained ATM cash
Criminals used undocumented techniques and well-placed insiders to remotely withdraw money A ring of cybercriminals managed to physically implant a Raspberry Pi on a bank's network to steal cash from an Indonesian ATM.…
The Register
2025年08月03日 222 觀看次數
