Aggregator

Currently trending CVE - Hype Score: 8 - Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

检测业务是否受到此漏洞影响，请联系长亭应急服务团队！

A vulnerability was found in aEnrich a+HRD and classified as critical. Affected by this vulnerability is an unknown functionality of the component Log Read Handler. Executing a manipulation can lead to path traversal. This vulnerability appears as CVE-2022-39040. The attack may be performed from remote. There is no available exploit.

A vulnerability was found in aEnrich a+HRD. It has been classified as critical. Affected by this issue is some unknown functionality of the component API Parameter Handler. The manipulation leads to sql injection. This vulnerability is traded as CVE-2022-39041. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as critical was found in aEnrich a+HRD. This affects an unknown part of the component URL Parameter Handler. Executing a manipulation can lead to server-side request forgery. This vulnerability is tracked as CVE-2022-39039. The attack can be launched remotely. No exploit exists.

A vulnerability categorized as problematic has been discovered in GNU Inetutils up to 2.3. This affects an unknown part of the component telnetd. Such manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2022-39028. The attack can only be initiated within the local network. No exploit exists. It is advisable to implement a patch to correct this issue.

A vulnerability was found in SAP BOE AdminTools and BOE SDK. It has been declared as critical. Affected by this vulnerability is an unknown functionality. Such manipulation leads to exposure of resource. This vulnerability is referenced as CVE-2022-39015. The attack needs to be initiated within the local network. No exploit is available. A patch should be applied to remediate this issue.

За пять месяцев 2026 года госсектор провел 2080 закупок VPN на 10,3 миллиарда рублей.

CDG文件服务器的 uploadSoftWareFile 接口存在路径遍历漏洞和目录控制绕过漏洞。攻击者通过构造特殊请求参数，可以绕过目录访问限制，将恶意文件写入服务器任意可写目录，最终实现远程代码执行（RCE）。

WordPress CVE-2026-9104 源码分析附 POC

sql注入->php webshell->系统shell

美国白宫今年五月宣布其白宫应用将自动下载到政府配发手机上。该应用无法卸载，即使政府雇员尝试卸载，应用也会很快重新安装。美国农业部、国务院和劳工部员工匿名接受采访时表示，这款应用出现在手机上时让他们感到不安，有人试图删除它，但失败了。“我把它删了，测试下，结果它立刻又出现了，”一位美国农业部雇员说。白宫应用内有一个按钮，允许用户“给特朗普总统发短消息”，点击后会自动弹出一个写着“史上最伟大总统”的文本框。应用的社交部分可看到来自白宫 X 账号推文、特朗普 Truth Social 账号发布的帖子，以及官方账号在 TikTok 和 Instagram 等平台上分享的视频。新闻部分包含了白宫新闻稿、简报和情况说明书，以及来自 Fox, Breitbart, Reuters, The New York Post 等媒体的精选文章，这些内容要么对本届政府政策大加赞扬，要么攻击民主党。一位政府雇员说这是赤裸裸的宣传。

诚邀网络安全负责人、CSIO、安全厂商高管参加，见证产业新变化

A newly discovered malware family is making its way onto systems worldwide by hiding inside fake software installers that look completely legitimate. Researchers have identified a campaign where attackers disguise their malicious tools as trusted programs like Cisco AnyConnect and Google Update, tricking users into running them without suspicion. Once the file is executed, a […]

The post Hackers Use Cisco AnyConnect and Google Update Lures to Drop SharkLoader Malware appeared first on Cyber Security News.

本文记录了 HackTheBox Shibboleth 靶机的一次完整渗透测试过程。文章首先通过 TCP 全端口扫描确认目标主要暴露 80/tcp 服务，并从 Web 重定向、页面源码、目录枚举和页面页脚信息中提取出 Zabbix 与 Bare Metal BMC 线索；随后结合 UDP 623 扫描与虚拟主机爆破，定位到隐藏的 Zabbix 登录入口以及 IPMI 服务暴露面。在初始访问阶段，文

安全工作的本质是"在不确定性中做判断"——无论是代码审计、渗透测试还是应急响应，安全工程师的核心能力不是执行固定流程，而是根据上下文灵活决策。这恰恰是 Agent 最擅长的事情

豆包Claw恶意项目外联载荷迭代更新；反沙箱、反虚拟机、反调试等对抗能力显著升级；全网首发 Remcos 远控木马一键配置提取脚本；

CVE-2026-23394漏洞分析

你的 HIDS 检查了 TCP 端口、扫了 UDP、抓了全量包——但如果后门根本不走网络栈呢？

A vulnerability identified as problematic has been detected in Microsoft Exchange Server 15.01.2507.069/15.02.1544.041. The affected element is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2026-47631. It is possible to initiate the attack remotely. There is no exploit available. You should upgrade the affected component.