Aggregator
WhiteFox:由大型语言模型驱动的白盒编译器模糊测试
“保密起诉” - 美国网络安全执法杀手锏解读
Bypassing Live HTML Filtering to Trigger Stored XSS – DOM-Based Exploitation
Легализовать нельзя забанить: запятая Госдумы убила багбаунти
Signed Drivers Fueling Kernel Attacks: 620+ Malicious Drivers & 80+ Compromised Certs Target Windows
Malicious actors are increasingly leveraging digitally signed drivers to carry out stealthy attacks on the Windows kernel, circumventing standard security mechanisms and enhancing their ability to remain undetected. Despite the presence of safeguards such...
The post Signed Drivers Fueling Kernel Attacks: 620+ Malicious Drivers & 80+ Compromised Certs Target Windows appeared first on Penetration Testing Tools.
Ransomware War Ignites: DragonForce & RansomHub Clash Threatens Businesses with Re-Extortion
The hacker collective known as DragonForce, responsible for a series of high-profile cyberattacks targeting British retail giants such as Marks & Spencer, Harrods, and Co-Op, has now ignited an all-out confrontation with the rival...
The post Ransomware War Ignites: DragonForce & RansomHub Clash Threatens Businesses with Re-Extortion appeared first on Penetration Testing Tools.
比特币 ATM 上市公司迟报数据泄露,超 2.6 万人敏感信息遭窃
比特币 ATM 上市公司迟报数据泄露,超 2.6 万人敏感信息遭窃
AI Coding Assistants Under Attack: “Slopsquatting” Malware Exploits AI Hallucinations for Supply Chain Compromise
A new threat has emerged in the realm of AI-assisted programming, known as “slopsquatting.” This attack has become particularly dangerous amid the surging popularity of AI coding assistants like Claude Code CLI, OpenAI Codex...
The post AI Coding Assistants Under Attack: “Slopsquatting” Malware Exploits AI Hallucinations for Supply Chain Compromise appeared first on Penetration Testing Tools.
Shellter Tool Abused by Hackers: Developers Slam Elastic for “Negligent” Disclosure
The development team behind the Shellter tool—a utility designed to evade antivirus and EDR detection—has confirmed that their product has fallen into the hands of malicious actors. At the same time, they have accused...
The post Shellter Tool Abused by Hackers: Developers Slam Elastic for “Negligent” Disclosure appeared first on Penetration Testing Tools.
Brazil Bank Heist: Insider Bribery Leads to $140M Theft from 6 Banks Via C&M Fintech Firm
Hackers have stolen nearly $140 million from six Brazilian banks by exploiting the credentials of an employee at C&M, a company responsible for maintaining financial connectivity between commercial banks and the Central Bank of...
The post Brazil Bank Heist: Insider Bribery Leads to $140M Theft from 6 Banks Via C&M Fintech Firm appeared first on Penetration Testing Tools.
SEO Poisoning Campaign Targets IT Pros: Fake PuTTY & WinSCP Sites Deliver “Oyster” Backdoor
Cybersecurity experts at Arctic Wolf have identified a fresh wave of attacks employing SEO poisoning techniques, aimed at distributing a well-known malware loader called Oyster—also referred to as Broomstick or CleanUpLoader. Threat actors are...
The post SEO Poisoning Campaign Targets IT Pros: Fake PuTTY & WinSCP Sites Deliver “Oyster” Backdoor appeared first on Penetration Testing Tools.
Anatsa 银行木马卷土重来,锁定北美银行客户
Anatsa 银行木马卷土重来,锁定北美银行客户
中国领事馆已请求并获准探视徐
Urgent Citrix Bleed 2 (CVE-2025-5777, CVSS 9.3) Actively Exploited: MFA Bypass & Session Hijacking Threaten Enterprises
Security researchers have unveiled functional exploits targeting a critical vulnerability in Citrix NetScaler ADC and Gateway devices. Designated CVE-2025-5777, the flaw has been informally dubbed CitrixBleed2 — a pointed reference to the similarly severe...
The post Urgent Citrix Bleed 2 (CVE-2025-5777, CVSS 9.3) Actively Exploited: MFA Bypass & Session Hijacking Threaten Enterprises appeared first on Penetration Testing Tools.
停用Cloudflare!疑似将网站解析到.1的CDN IP地址导致大量网站无法访问
Linux Boot Flaw (CVE-2016-4484): Secure Boot & Disk Encryption Bypassed, Persistent Malware Possible
Alexander Mogh, a security researcher at ERNW, has uncovered a critical vulnerability in the boot mechanisms of modern Linux distributions, including Ubuntu 25.04 and Fedora 42. Despite full disk encryption, Secure Boot, and password-protected...
The post Linux Boot Flaw (CVE-2016-4484): Secure Boot & Disk Encryption Bypassed, Persistent Malware Possible appeared first on Penetration Testing Tools.