相關新聞
Latest Intel CPUs impacted by new Indirector side-channel attack
Modern Intel processors, including chips from the Raptor Lake and the Alder Lake generations are susceptible to a new type of a high-precision Branch Target Injection (BTI) attack dubbed 'Indirector,' which could be used to steal sensitive information from the CPU. [...
Bleepingcomputer
2024年07月02日 104 觀看次數
![](https://www.bleepstatic.com/content/hl-images/2022/10/09/intel-core-header.jpg)
A new MOVEit vulnerability is igniting hacking attempts. Companies should patch ASAP
MOVEit, a popular file transfer platform used by thousands of companies and government entities, is once again in the news for all the wrong reasons. [...]
ZDnet
2024年06月28日 164 觀看次數
![](https://www.zdnet.com/a/img/resize/bba785eda077ad1bdccecbf8f9b846e365ddcdee/2024/06/27/9ec5426d-65b0-4973-9fe3-55135c2d1dd4/folder-files-firejpg.jpg?auto=webp&fit=crop&height=675&width=1200)
Critical GitLab bug lets attackers run pipelines as any user
A critical vulnerability is affecting certain versions of GitLab Community and Enterprise Edition products, which could be exploited to run pipelines as any user. [...]
Bleepingcomputer
2024年06月27日 107 觀看次數
![](https://www.bleepstatic.com/content/hl-images/2022/04/01/GitLab.jpg)
LockBit lied: Stolen data is from a bank, not US Federal Reserve
Recently-disrupted LockBit ransomware group, in a desperate attempt to make a comeback, claimed this week that it had hit the Federal Reserve, the central bank of the United States. Except, the rumor has been quashed. [...]
Bleepingcomputer
2024年06月27日 257 觀看次數
![](https://www.bleepstatic.com/content/hl-images/2024/06/26/federal-reserve-starburst.jpg)
Polyfill.io JavaScript supply chain attack impacts over 100K sites
Over 100,000 sites have been impacted in a supply chain attack by the Polyfill.io service after a Chinese company acquired the domain and the script was modified to redirect users to malicious and scam sites.
Bleeping Computer
2024年06月26日 189 觀看次數
![](https://www.bleepstatic.com/content/hl-images/2021/02/08/supply-chain.jpg)
Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack
Malicious updates available from WordPress.org create attacker-controlled admin account.
Ars Technica
2024年06月25日 164 觀看次數
![](https://cdn.arstechnica.net/wp-content/uploads/2022/02/backdoor2-760x380.jpeg)
Facebook PrestaShop module exploited to steal credit cards
Hackers are exploiting a flaw in a premium Facebook module for PrestaShop named pkfacebook to deploy a card skimmer on vulnerable e-commerce sites and steal people's payment credit card details. [...]
Bleepingcomputer
2024年06月23日 139 觀看次數
![](https://www.bleepstatic.com/content/hl-images/2023/12/22/credit-cards.jpg)
Warning: New Adware Campaign Targets Meta Quest App Seekers
A new campaign is tricking users searching for the Meta Quest (formerly Oculus) application for Windows into downloading a new adware family called AdsExhaust. [...]
The Hacker News
2024年06月22日 133 觀看次數
ONNX phishing service targets Microsoft 365 accounts at financial firms
A new phishing-as-a-service (PhaaS) platform called ONNX Store is targeting Microsoft 365 accounts for employees at financial firms using QR codes in PDF attachments.
Bleeping Computer
2024年06月19日 227 觀看次數
![](https://www.bleepstatic.com/content/hl-images/2023/10/06/Microsoft_365.jpg)
VMware fixes critical vCenter RCE vulnerability, patch now
VMware has issued a security advisory addressing critical vulnerabilities in vCenter Server, including remote code execution and local privilege escalation flaws.
Bleeping Computer
2024年06月19日 105 觀看次數
![](https://www.bleepstatic.com/content/hl-images/2023/06/28/vmware-flame-bright-white.jpg)