CSOP2025看点 | 猿辅导温飞:SOC智能运营落地探索
当前环境出现异常,需完成验证后方可继续访问。
Aggregator
CSOP2025看点 | 猿辅导温飞:SOC智能运营落地探索
1 month ago
CSOP 2025·北京站 亮点前瞻
GPT-5 也嫌弃表情符号了,还说它不再谄媚,少拍马屁
1 month ago
GPT-5在智能对话、生成内容、跨模态处理等方面有所提升,但整体为渐进式优化而非革命性突破。其减少表情符号和谄媚行为,并对访问权限进行限制。
New infosec products of the week: August 8, 2025
1 month ago
Here’s a look at the most interesting products from the past week, featuring releases from Black Kite, Descope, Elastic, ExtraHop, LastPass, and Riverbed. Elastic AI SOC Engine helps SOC teams expose hidden threats Elastic AI SOC Engine (EASE) is a new serverless, easy-to-deploy security package that brings AI-driven context-aware detection and triage into existing SIEM and EDR tools, without the need for an immediate migration or replacement. New Black Kite tool identifies which vendors are … More →
The post New infosec products of the week: August 8, 2025 appeared first on Help Net Security.
Anamarija Pogorelec
AI驱动的Cursor IDE易受Prompt-injection攻击
1 month ago
研究人员称之为CurXecute的漏洞存在于几乎所有版本的人工智能代码编辑器Cursor中,可以利用开发人员权限执行远程代码。安全问题现已确定为CVE-2025-54135,并可通过向AI代理提供恶意提示来触发攻击者控制命令。
Cursor集成开发环境(IDE)依靠AI代理来帮助开发人员更快、更有效地编写代码,允许他们使用模型上下文协议(MCP)与外部资源和系统连接。
根据研究人员的说法,黑客成功利用curexecute漏洞可能会打开勒索软件和数据盗窃事件的大门。
Prompt-injection攻击
CurXecute类似于Microsoft 365 CoPilot中的echolak漏洞,可以在没有任何用户交互的情况下窃取敏感数据。
人工智能网络安全公司Aim Security的研究人员在发现并了解了EchoLeak之后,了解到即使是本地人工智能代理也可能受到外部因素的影响,采取恶意行为。
Cursor IDE支持MCP开放标准框架,该框架通过允许代理连接到外部数据源和工具来扩展代理的功能和上下文。
Aim Security表示,MCP把一个本地代理变成了一个利器,允许它启动任意服务器——Slack、GitHub、数据库,并从自然语言调用他们的工具。研究人员提示,这可能会使代理暴露在外部的不可信数据中,从而影响其控制流。黑客可以利用这一点劫持代理的会话和权限,以用户的身份行事。
通过使用外部托管的提示注入,攻击者可以重写项目目录中的 ~/.cursor/mcp.json 文件,以启用任意命令的远程执行。
研究人员解释说,Cursor不需要确认即可执行新的条目到~/.cursor/mcp.json文件,并且对这些条目的建议编辑是实时的,即使用户拒绝它们也会触发命令的执行。
Aim Security表示,为Cursor添加标准MCP服务器(如Slack)可能会使代理暴露于不可信的数据。攻击者可以发布一个包含注入有效负载的恶意提示到公共频道mcp.json配置文件。
当受害者打开新的聊天并指示代理总结消息时,有效载荷(可能是一个shell)会在未经用户批准的情况下立即降落在磁盘上。
攻击面是任何处理外部内容的第三方MCP服务器:问题跟踪器、客户支持信箱,甚至是搜索引擎。一份被污染的文档就可以将AI代理变成本地shell。
Aim Security的研究人员表示,curexecute攻击可能导致勒索软件和数据盗窃事件,甚至可能通过幻觉操纵人工智能,从而破坏项目或实现slopsquatting攻击。
研究人员于7月私下向Cursor报告了CurXecute,随后该供应商将一个补丁合并到主分支中。7月29日,发布了Cursor 1.3版本,其中包含多项改进和对CurXecute的修复。Cursor还发布了CVE-2025-54135的安全提醒,该漏洞的中等严重性评分为8.6。安全人员建议用户下载并安装最新版本的Cursor,以规避已知的安全风险。
胡金鱼
Два китайца, два чипа и гнев Вашингтона: как RTX 4090 и H100 стали оружием в новой холодной войне
1 month ago
Контроль экспорта не сработал: GPU всё-таки ушли в Китай.
AI驱动的Cursor IDE易受Prompt-injection攻击
1 month ago
AI代码编辑器Cursor中的CurXecute漏洞允许攻击者通过恶意提示注入远程执行代码,可能导致勒索软件和数据盗窃风险。该漏洞利用MCP协议连接外部资源,并已发布补丁修复。
美NSA渗透测试供应商Horizon3.ai
1 month ago
NSA自主网络渗透测试供应商
美NSA渗透测试供应商Horizon3.ai
1 month ago
当前环境异常,请完成验证以继续访问。
CVE-2025-1521 | PostHog slack_incoming_webhook server-side request forgery
1 month ago
A vulnerability was found in PostHog and classified as critical. This issue affects the function slack_incoming_webhook. The manipulation leads to server-side request forgery.
The identification of this vulnerability is CVE-2025-1521. The attack may be initiated remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2025-1522 | PostHog database_schema server-side request forgery
1 month ago
A vulnerability was found in PostHog. It has been classified as critical. Affected is the function database_schema. The manipulation leads to server-side request forgery.
This vulnerability is traded as CVE-2025-1522. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2025-52364 | Tenda CP3 Pro 22.5.4.93 Telnet Service /etc/init.d/eth.sh weak password (EUVD-2025-20828)
1 month ago
A vulnerability, which was classified as critical, has been found in Tenda CP3 Pro 22.5.4.93. This issue affects some unknown processing of the file /etc/init.d/eth.sh of the component Telnet Service. The manipulation leads to weak password requirements.
The identification of this vulnerability is CVE-2025-52364. The attack may be initiated remotely. There is no exploit available.
It is recommended to apply restrictive firewalling.
vuldb.com
CVE-2025-44650 | Netgear R7000/EAX80 Configuration File bftpd.conf denial of service (EUVD-2025-22100)
1 month ago
A vulnerability classified as problematic was found in Netgear R7000 and EAX80. Affected by this vulnerability is an unknown functionality of the file bftpd.conf of the component Configuration File Handler. The manipulation leads to denial of service.
This vulnerability is known as CVE-2025-44650. The attack needs to be initiated within the local network. There is no exploit available.
vuldb.com
CVE-2025-43976 | com.enflick.android.tn2ndLine up to 24.17.1.0 on Android permission
1 month ago
A vulnerability, which was classified as critical, has been found in com.enflick.android.tn2ndLine up to 24.17.1.0 on Android. Affected by this issue is some unknown functionality. The manipulation leads to permission issues.
This vulnerability is handled as CVE-2025-43976. An attack has to be approached locally. There is no exploit available.
vuldb.com
CVE-2025-43977 | com.skt.prod.dialer up to 12.5.0 on Android permission
1 month ago
A vulnerability, which was classified as critical, was found in com.skt.prod.dialer up to 12.5.0 on Android. This affects an unknown part. The manipulation leads to permission issues.
This vulnerability is uniquely identified as CVE-2025-43977. Local access is required to approach this attack. There is no exploit available.
vuldb.com
CVE-2025-44658 | Netgear RAX30 1.0.10.94 PHP-FPM unrestricted upload
1 month ago
A vulnerability, which was classified as critical, has been found in Netgear RAX30 1.0.10.94. This issue affects some unknown processing of the component PHP-FPM. The manipulation leads to unrestricted upload.
The identification of this vulnerability is CVE-2025-44658. The attack may be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-44647 | Trendnet TEW-WLC100P 2.03b03 strongSwan Configuration insecure default initialization of resource (EUVD-2025-22097)
1 month ago
A vulnerability, which was classified as problematic, was found in Trendnet TEW-WLC100P 2.03b03. Affected is an unknown function of the component strongSwan Configuration. The manipulation of the argument i_dont_care_about_security_and_use_aggressive_mode_psk leads to insecure default initialization of resource.
This vulnerability is traded as CVE-2025-44647. The attack can only be done within the local network. There is no exploit available.
vuldb.com
CVE-2024-55040 | Sensaphone WEB600 Monitoring System up to 1.6.5.H GET g7200/g7300/g4601/g1F02 cross site scripting (EUVD-2024-54806)
1 month ago
A vulnerability has been found in Sensaphone WEB600 Monitoring System up to 1.6.5.H and classified as problematic. Affected by this vulnerability is an unknown functionality of the component GET Handler. The manipulation of the argument g7200/g7300/g4601/g1F02 leads to cross site scripting.
This vulnerability is known as CVE-2024-55040. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-44657 | Linksys EA6350 2.1.2 Configuration File chroot_local_user improper authorization (EUVD-2025-22098)
1 month ago
A vulnerability was found in Linksys EA6350 2.1.2 and classified as critical. Affected by this issue is some unknown functionality of the component Configuration File Handler. The manipulation of the argument chroot_local_user leads to improper authorization.
This vulnerability is handled as CVE-2025-44657. The attack needs to be done within the local network. There is no exploit available.
vuldb.com
CVE-2025-44651 | Trendnet TPL-430AP 1.0 Configuration File USERLIMIT_GLOBAL denial of service (EUVD-2025-22099)
1 month ago
A vulnerability was found in Trendnet TPL-430AP 1.0. It has been classified as problematic. This affects an unknown part of the component Configuration File Handler. The manipulation of the argument USERLIMIT_GLOBAL leads to denial of service.
This vulnerability is uniquely identified as CVE-2025-44651. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com