Aggregator

一套完善的Linux通用应急响应脚本，其实对防御方是非常重要的，可以快速检测主机的一些异常信息。脚本地址，请看文末。

This post highlights how the GitHub Copilot Chat VS Code Extension was vulnerable to data exfiltration via prompt injection when analyzing untrusted source code. GitHub Copilot Chat GitHub Copilot Chat is a VS Code Extension that allows a user to chat with source code, refactor code, get info about terminal output, or general help about VS Code, and things along those lines. It does so by sending source code, along with the user’s questions to a large language model (LLM).

探讨了跨上下文场景中图提示学习（Graph Prompt Learning）面临的后门威胁。

The spyware, called AridSpy by ESET, is distributed through websites that pose as various messaging apps, a job search app, and a Palestinian Civil Registry app

让我康康

👍 👍 👍

迎风破浪 淬炼锋芒

我们希望把编译技术带入安全代码分析去分析代码行为，为代码行为分析带来新的机会和可能性

Serv-U 是 SolarWinds 公司推出的FTP服务器软件，提供文件传输服务，支持多种协议（FTP、F

The I-SOON data leak confirms that this contractor is involved in cyberespionage for China, while Iran-aligned groups step up aggressive tactics following the Hamas-led attack on Israel in 2023

概述

2024年5月29日，美国司法部发布通告，声称其执法活动摧毁了"史上最大的僵尸网络" 911 S5，查封了相关域名

本文分析了由DEVCORE团队研究发现的PHP CGI在Windows平台的远程代码执行漏洞（CVE-202

检测业务是否受到此漏洞影响，请联系长亭应急服务团队！