Aggregator

Estonia will require additional security screening for emails sent from Russia’s .ru top-level domain before they reach government officials, according to the country's minister of justice and digital affairs.

Java 注解处理器（Annotation Processor）是 javac 编译器的标准扩展机制，通过 SPI 服务发现可在编译阶段被自动加载执行。攻击者将恶意注解处理器嵌入看似正常的第三方库，受害者仅执行 mvn compile 即可在编译阶段触发任意代码执行，无需运行应用、无需调用恶意类、无需使用特定注解。

本文是 HackTheBox Horizontall 靶机的详细渗透测试记录。通过端口扫描发现 Web 服务，在前端 JS 文件中提取出隐藏子域名 api-prod.horizontall.htb，识别出 Strapi CMS（3.0.0-beta.17.4）。利用 CVE-2019-18818（NoSQL 注入重置管理员密码）获取管理员权限，再结合 CVE-2019-19606（插件安装命令注入

在日常渗透测试与安全测试中，前端加密（尤其是登录参数的加密）是绕不开的一类场景。 通过本文的实践,你将看到：一句自然语言 + 一个 MCP 环境 + 一套代理链路，如何将原本至少需要几十分钟的 JS 逆向工作，压缩到几分钟内完成。

Foreign Function & Memory API（FFM API）是 JDK 21 引入的用于替代 JNI 的本地互操作接口。

一张看起来人畜无害的PNG，像素里藏着完整的shellcode。不触磁盘，从图片解码到内存执行一步到位。

1978 年，DEC 发布了 VT100 终端。为了让这台"哑终端"能显示彩色文字、移动光标、清屏，他们设计了一套控制序列——以 ESC（0x1B）开头的字节序列。这就是 ANSI 转义序列的源头。近半个世纪后，现代终端模拟器依然忠实地解析这些序列。

本文从一个安全从业者的视角，探讨 AI 在渗透测试中的真实落地方式。作者基于开源项目 AI Burp Copilot v2 的实践，分享了"LLM 负责理解、规则引擎负责执行"的分层架构设计，以及在这一过程中遇到的三个真实困境——LLM 的不一致性、业务逻辑漏洞的规则覆盖难题。旨在为同样在探索 AI + 安全的同行提供一些务实参考。

ISCC2026部分web题wp

用多 Agent 分工处理安全任务，用 Docker 沙箱约束工具执行，用持久化事件和上下文投影保证任务过程可恢复、可审计、可复盘。

The U.S. Department of Justice announced Friday that it has seized the CFAKE.com and SOCFAKE.com websites, which allegedly hosted nonconsensual AI-generated nude images and videos of women, in what appears to be the first publicly announced domain seizure under the TAKE IT DOWN Act. [...]

The revelation mirrors an alarming pattern of Chinese espionage groups dropping backdoors into critical infrastructure to intercept research and steal data with national security implications.

The post Google exposes China espionage group that’s been lurking in networks undetected since 2023 appeared first on CyberScoop.

A vulnerability in the SimpleHelp remote management software allows unauthenticated attackers to create privileged technician accounts on servers using the OpenID Connect (OIDC) authentication protocol. [...]

A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a year, quietly stealing sensitive research and defense email. The way in was a backdoor on their REDCap research servers that stole login credentials. The exfiltration was the unusual part: the attackers rewired the victims' own Google Workspace rules to copy any message

Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagious Interview (aka Famous Chollima, HexagonalRodent, and Void Dokkaebi). According to a report published by Proofpoint, the threat actor has been found orchestrating phishing campaigns using developer role recruitment or code review themes

The denial-of-service (DoS) exploit takes advantage of two features in HTTP/2 that were designed to save Internet bandwith, not power massive amplification attacks.