IT 新聞
Exploit details for max severity Cisco IOS XE flaw now public
Technical details about a maximum-severity Cisco IOS XE WLC arbitrary file upload flaw tracked as CVE-2025-20188 have been made publicly available, bringing us closer to a working exploit.
Hackers are exploiting critical flaw in vBulletin forum software
Two critical vulnerabilities affecting the open-source forum software vBulletin have been discovered, with one confirmed to be actively exploited in the wild.
Microsoft now testing Notepad text formatting in Windows 11
Microsoft announced today that the Windows 11 Notepad application is getting a text formatting feature supporting Markdown-style input.
Police takes down AVCheck site used by cybercriminals to scan malware
An international law enforcement operation has taken down AVCheck, a service used by cybercriminals to test whether their malware is detected by commercial antivirus software before deploying it in the wild.
Germany doxxes Conti ransomware and TrickBot ring leader
The Federal Criminal Police Office of Germany (Bundeskriminalamt or BKA) claims that Stern, the leader of the Trickbot and Conti cybercrime gangs, is a 36-year-old Russian named Vitaly Nikolaevich Kovalev.
Getting Exposure Management Right: Insights from 500 CISOs
Pentesting isn't just about finding flaws — it's about knowing which ones matter. Pentera's 2025 State of Pentesting report uncovers which assets attackers target most, where security teams are making progress, and which exposures still fly under the radar. Focus on reducing breach impact, not just breach count.
Mozilla releases Firefox 139.0.1 update to fix artifacts on Nvidia GPUs
Mozilla has rolled out an emergency Firefox 139.0.1 update after the Tuesday release caused graphical artifacts on PCs with NVIDIA GPUs.
Microsoft Authenticator now warns to export passwords before July cutoff
The Microsoft Authenticator app is now issuing notifications warning that the password autofill feature is being deprecated in July, suggesting users move to Microsoft Edge instead.
ConnectWise breached in cyberattack linked to nation-state hackers
IT management software firm ConnectWise says a suspected state-sponsored cyberattack breached its environment and impacted a limited number of ScreenConnect customers.
Threat actors abuse Google Apps Script in evasive phishing attacks
Threat actors are abusing the trusted Google platform 'Google Apps Script' to host phishing pages, making them appear legitimate and eliminating the risk of them getting flagged by security tools.
分享此頁面
