Aggregator

在红队攻防权限维持中，流量问题是一个无法被忽视的问题，作为红队的你肯定有过被白名单拦截，IP被抓到溯源的痛苦，本文通过链式寄生C2技术绕过流量检测达到防溯源，防白名单的效果，在EDR对抗中颇有成效。

​ 近日在研究异构路由器漏洞时，笔者使用的IDA出现了反编译异构路由器卡死的问题，和身边是师傅们交流后发现，这种问题不在少数，这种工具类的问题严重影响了正常的工作，故进行研究。 ​ 出现问题的直接原因在于此前由于IDA 8.3及以后的hexrays并未泄露，无法使用过去IDA 7.7的插件进行反编译，一通操作下通过ida_dll_shim等项目对7.7的hexrays进行了移植。移植完

A vulnerability was found in Microsoft Internet Explorer up to 8 and classified as critical. This issue affects some unknown processing. The manipulation leads to code injection. The identification of this vulnerability is CVE-2013-3164. The attack needs to be initiated within the local network. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A severe privilege escalation vulnerability has been discovered in Notepad++ version 8.8.1, potentially exposing millions of users worldwide to complete system compromise. The flaw, designated CVE-2025-49144, allows attackers to gain SYSTEM-level privileges through a technique known as binary planting, with a proof-of-concept demonstration now publicly available. The vulnerability affects the Notepad++ v8.8.1 installer released on […]

The post Notepad++ Vulnerability Let Attacker Gain Complete System Control – PoC Released appeared first on Cyber Security News.

HackerNews 编译，转载请注明出处： 英国政府每年约有价值130万英镑（170万美元）的笔记本电脑、手机等设备遭窃或遗失，对国家安全构成系统性风险。《卫报》披露的信息公开数据显示，去年政府各部门共丢失超2000台设备，其中包含协调政府运作的内阁办公厅。 受影响的机构还包括国防部、内政部、财政部及英格兰银行。具体数据显示：内阁办公厅在2024年遗失66台笔记本电脑和124部手机；国防部报告丢失103台笔记本和387部手机；主管警务的内政部去年有147台设备失踪；而负责网络安全的科学、创新与技术部，在截至2025年5月的一年内遗落83部手机和18台笔记本。 网络安全专家指出，这些数字“惊人地庞大”且构成“重大国家安全威胁”，尤其当设备失窃时处于解锁状态。不过政府声称加密机制可阻止恶意访问——国防部强调加密“能保障数据安全并阻断对国防网络的入侵”；英格兰银行表示已部署“适当防护”；政府发言人则重申“所有笔记本电脑和手机均强制加密，确保遗失不会导致安全漏洞。” 官方声明称，所有遗失事件均按规程调查。       消息来源： cybernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability, which was classified as critical, has been found in Mitel MiCollab and MiVoice Business Solution Virtual Instance. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to command injection. This vulnerability is handled as CVE-2024-41714. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Keith Cullen FreeCoAP. It has been declared as problematic. This vulnerability affects the function server_handle_regular of the file test_coap_server.c of the component Packet Handler. The manipulation leads to denial of service. This vulnerability was named CVE-2024-31029. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as critical was found in Keith Cullen FreeCoAP. Affected by this vulnerability is an unknown functionality of the file coap_msg.c of the component Packet Handler. The manipulation leads to stack-based buffer overflow. This vulnerability is known as CVE-2024-40494. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in FlowiseAI Flowise 2.2.6. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/v1/attachments. The manipulation leads to unrestricted upload. This vulnerability is handled as CVE-2025-26319. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Jenkins. It has been classified as problematic. This affects an unknown part of the file config.xml of the component REST API/CLI. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2025-27622. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Jenkins. It has been declared as problematic. This vulnerability affects unknown code of the component REST API/CLI. The manipulation leads to information disclosure. This vulnerability was named CVE-2025-27623. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Jenkins. It has been rated as problematic. This issue affects some unknown processing of the component Sidepanel Widget Handler. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2025-27624. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in LabRedesCefetRJ WeGIA up to 3.4.1. It has been rated as critical. This issue affects some unknown processing of the file /WeGIA/controle/control.php. The manipulation of the argument ID leads to sql injection. The identification of this vulnerability is CVE-2025-52474. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in OceanWP Plugin up to 4.0.9 on WordPress and classified as problematic. This vulnerability affects unknown code of the component HTML Tag Handler. The manipulation of the argument Select leads to HTML injection. This vulnerability was named CVE-2025-5524. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in GiveWP Plugin up to 4.3.0 on WordPress and classified as critical. This issue affects the function permissionsCheck. The manipulation leads to missing authorization. The identification of this vulnerability is CVE-2025-4571. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Football Pool Plugin up to 2.12.4 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-5490. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as critical was found in mysiteforme 1.0/2.2.1. This vulnerability affects unknown code. The manipulation leads to sql injection. This vulnerability was named CVE-2025-26136. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

微软六月例行安全更新的一个补丁 KB5060842 修改了 Windows 11 管理系统还原点的方式：将有效时间设为 60 天，超过 60 天的还原点将不可用。Windows 11 v24H2 没有改变还原点的创建或使用方式；它只是为还原点的存储时间设定了明确的期限。如果分配的磁盘空间已满，系统仍然会删除时间较旧的还原点。现在无论可用磁盘空间多大，还原点的存储时间上限都固定为 60 天。

RMIConnector二次反序列化的绕过与利用