Aggregator

当前环境异常，需完成验证后方可继续访问。

当前环境异常需完成验证后方可继续访问，页面提供验证链接以解决安全提示问题。

作者认为HTTP并非简单协议，尤其是HTTP/1尽管看似易于使用和理解，但其实际实现涉及众多复杂细节。包括文本处理、头部折叠、结束标记、数字解析等问题。此外，不同版本的累积复杂性和浏览器实现的影响进一步增加了难度。尽管如此，HTTP的成功可能与其复杂性密不可分。

360高级威胁研究院监测到该组织针对巴基斯坦地区的新一轮攻击活动，并捕获到一类基于Mythic C2框架的新型载荷，该载荷通过MSC文档形式投递，这种利用方式在摩诃草以往的攻击案例中相对罕见

79% российских компаний рискуют из-за критической уязвимости.

A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function __strstr_sse2. The manipulation leads to memory corruption. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is traded as CVE-2025-8746. Local access is required to approach this attack. Furthermore, there is an exploit available. This issue was initially reported to the tcpreplay project, but the code maintainer explains, that this "bug appears to be in libopts which is an external library."

Efimer是一种通过伪装律师邮件、恶意种子和WordPress网站传播的恶意软件，主要窃取加密货币钱包地址并替换为攻击者地址。它利用Tor网络与C2服务器通信，并具备扩展功能以进一步传播和攻击。该恶意软件已影响全球多个地区用户。

Submit #623632 / VDB-319242

做过应急响应或者安全运营的人基本都需要了解 SIEM 到底是什么，真正有用吗？答案是：很有用，但前提是你得真正阅读更多

三种情况的医疗设备最易在公网暴露

A vulnerability, which was classified as problematic, has been found in Weee RICEPO App 6.17.77 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.ricepo.app. The manipulation leads to improper export of android application components. The identification of this vulnerability is CVE-2025-8745. An attack has to be approached locally. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability classified as critical was found in CesiumLab Web up to 4.0. This vulnerability affects unknown code of the file /lodmodels/. The manipulation of the argument ID leads to sql injection. This vulnerability was named CVE-2025-8744. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling. The vendor was contacted early about this disclosure but did not respond in any way.

Bankitalia报告指出，意大利金融部门在2023至2024年间操作和网络安全事件增加45%，其中79%由硬件软件更新引发，网络攻击增长8%。尽管DDoS攻击减少75%，但恶意软件和勒索软件威胁上升。服务中断时间延长至21小时，影响支付系统及客户信任。

Tea是一款女性专用交友应用,用户可匿名评分男性,引发争议并曝出严重安全漏洞,导致个人信息泄露。其山寨版TeaOnHer同样存在数据安全问题,泄露身份证、驾照等敏感信息,建议避免使用此类应用。

Is your phone suddenly flooded with aggressive ads, slowing down performance or leading to unusual app behavior? Here’s what to do.

Submit #623581 / VDB-319241

A vulnerability classified as problematic has been found in Scada-LTS up to 2.7.8.1. This affects an unknown part of the file /data_source_edit.shtm of the component Virtual Data Source Property Handler. The manipulation of the argument Name leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-8743. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Jeff Atwood,知名技术博主及Stack Overflow联合创始人,分享了他对写作的热爱及其重要性。他认为写作是人类交流的核心,能够帮助人们反思和成长。他强调博客的价值在于其结构化的表达方式,并鼓励大家坚持写作以促进思维锻炼和社会进步。他还分享了自己创作《Stay Gold, America》的经历,呼吁社会关注不平等现象并共同努力实现更公平的未来。

Akira ransomware attacks are growing ever more sophisticated: threat actors have begun exploiting a legitimate Intel CPU tuning driver to disable Windows’ built-in protections. The driver in question—rwdrv.sys, part of the ThrottleStop utility—is registered...

The post Akira Ransomware Uses Intel Driver to Bypass Windows Defender appeared first on Penetration Testing Tools.