Aggregator

A vulnerability was found in Linux Kernel up to 6.12.9/6.13-rc6. It has been rated as critical. Affected by this issue is the function xe_gt_tlb_invalidation_init of the component drm. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2025-21644. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.6.71/6.12.9/6.13-rc6. This affects an unknown part of the component pmc. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2025-21645. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. This affects an unknown part of the file /proc/net/afs/ of the component afs. The manipulation leads to privilege escalation. This vulnerability is uniquely identified as CVE-2025-21646. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

文章描述了错误代码521的含义及其常见原因,指出该错误通常由Cloudflare服务引起,表示服务器无法处理请求,并建议检查服务器状态或联系主机提供商以解决问题。

HackerNews 编译，转载请注明出处： 卢森堡政府上周四宣布，正就7月23日导致全国通信瘫痪的网络攻击展开正式调查。此次攻击据称针对该国电信基础设施中的华为设备。 本次事故断网事件致使全国4G/5G移动网络中断超三小时。由于备用2G系统过载，大量民众无法拨打紧急服务电话，互联网接入与电子银行服务同样瘫痪。 政府向议会提交的声明指出，此次攻击以破坏服务为目的，而非意外导致系统故障的入侵行为。攻击者利用国有电信运营商POST Luxembourg所采用的“标准化软件组件”漏洞实施攻击。依赖该运营商移动网络的政府预警系统亦因此失效，未能向民众有效推送事件警报。 POST总经理强调此次攻击“异常先进且复杂”，但未侵入内部系统或窃取数据。POST正联合国家网络安全应急响应小组（CSIRT）开展司法取证调查。 尽管政府声明未明确提及受影响的供应商，卢森堡杂志《Paperjam》披露攻击目标实为华为路由器的配套软件。该国关键基础设施监管机构已要求所有使用华为企业级路由器的组织联系CSIRT报备。 华为企业级网络产品的VRP操作系统曾曝出远程拒绝服务漏洞，但近期未公开披露新漏洞。华为新闻办公室未回应置评请求。 卢森堡政府已协同CSIRT与检察院，在国家保护高级委员会（HCPN）下设立特别危机小组，专项处理事件响应及影响评估。CSIRT的司法取证旨在还原攻击过程，检察院则将评估是否构成犯罪并追查攻击者。 此次事件加速了卢森堡既定的国家韧性评估进程。当局正重新审视关键基础设施的稳健性（尤其是电信与应急服务的备用机制），担忧单一故障点可能引发灾难性后果。卢森堡同时探索监管改革，拟允许电信中断期间手机自动切换至其他运营商网络——该机制已在英、德、美等国应用于紧急呼叫场景。       消息来源：therecord； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

作者更新了AWSWAF solver以支持“image”类型验证，并利用Gemini实现图像识别。他认为该过程过于简单，安全措施不足。通过分析请求而非查看JS文件，他仅凭合理猜测就完成了任务。

当前环境出现异常问题，需完成验证后才能继续访问。

存储型XSS绕过三重防御机制

文章描述了云flare错误代码521的原因及解决方法。该错误表示服务器端未能建立连接或连接被重置。常见原因是服务器配置问题、网络连接异常或云flare设置错误。解决方法包括检查服务器状态、优化网络设置、重置云flare配置或联系技术支持以排除故障。

HackerNews 编译，转载请注明出处： Proofpoint安全研究人员发现一种新型凭证钓鱼攻击手段，黑客通过恶意OAuth应用结合多重重定向链劫持Microsoft账户，成功率超50%。2025年至今，该攻击已影响超900个Microsoft 365环境中的近3000个账户。 攻击流程解析 钓鱼邮件启动：攻击者利用被入侵邮箱发送伪装成商业合作请求的钓鱼邮件（如报价申请、合同协议），内容针对目标行业定制化设计，曾仿冒RingCentral、DocuSign等企业服务，甚至伪装小型航空企业ILSMart。 恶意应用授权陷阱：邮件内链接导向真实的Microsoft登录授权页面，诱导用户批准伪装成Adobe、DocuSign等合法服务的恶意OAuth应用请求。这些应用仅申请基础权限（如查看个人资料），以降低用户警惕性。 多重重定向劫持：无论用户点击“接受”或“取消”授权，均被重定向至验证码中间页，随后跳转至伪造的Microsoft登录页面。该页面实时窃取输入的凭证及双重认证会话令牌。 技术特征与规模 攻击链依赖钓鱼即服务（PhaaS）平台Tycoon构建，已发现超50个恶意应用参与攻击，其中4个仿冒Adobe、5个仿冒DocuSign，其余使用无关名称混淆视听。 恶意应用在授权后配置重定向规则，通过中间域名隐藏最终钓鱼页面，利用CAPTCHA页面增强欺骗性，诱使用户误认为处于合法流程中。 防御措施与行业响应 微软宣布调整Microsoft 365默认设置：普通用户向第三方应用授予账户权限需经管理员审批，以阻断恶意应用的权限获取路径。Proofpoint强调用户需时刻验证当前域名真实性，避免在重定向过程中提交敏感信息。 趋势警示：此类结合合法OAuth框架与社交工程的攻击链正成为犯罪团伙新标准，未来或将持续演化以绕过检测机制。       消息来源：cybernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文  

A vulnerability classified as critical was found in Linux Kernel up to 6.12.9/6.13-rc6. This vulnerability affects the function netfs_extract_user_iter. The manipulation leads to buffer overflow. This vulnerability was named CVE-2025-21643. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.71/6.12.9/6.13-rc6. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component sysctl. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2025-21642. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.9/6.13-rc6. Affected by this issue is some unknown functionality of the component sysctl. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2025-21641. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. Affected is an unknown function of the component sysctl. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2025-21639. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. Affected by this vulnerability is an unknown functionality of the component cookie_hmac_alg. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2025-21640. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

“ 特别声明：本公众号文章只作为学习交流，不可用作其他商业和不法用途；如有侵权请联系作者删除。”01—字符串

当前环境异常，请完成验证以继续访问。

Sandfly 5.0.6作为维护更新发布，修复了操作系统侦察数据大小增加和扫描日志错误报告改进的问题。非关键更新，建议有需要的用户参考文档升级。

作者分享了一个早期AI项目的构想,涉及深度网络架构、隐私和大语言模型等非传统方向,并寻求具备相关技术背景且乐于探索创新方法的合作者共同推进这一项目。

最近因为一些原因，重新玩DC系列靶机。在几个小伙伴的讨论下有把DC-9靶机弄出了两种解题方法