Aggregator

CredMaster 是一款基于 Python 的密码喷射工具，通过动态生成 Amazon API Gateway 端点旋转 IP 地址以避开节流和检测机制。支持插件架构、匿名化请求及多线程处理，适用于 Office 365 和 Okta 等高价值目标的渗透测试和防御演练。

Argus 是一个基于 Python 的多功能安全工具包，整合了 DNS 解析、子域枚举、SSL 检查等 50 多个侦察模块至统一 CLI 界面。它专为红队设计，在网络基础设施、Web 应用分析及威胁情报方面提供全面支持，并简化了早期攻击面测绘与 OSINT 流程。

文章探讨了暗网作为网络威胁情报的重要来源，介绍了利用开源情报（OSINT）工具和技术从暗网中提取有价值信息的方法，并通过多个案例展示了如何将这些信息应用于实际的安全防御中。

RackNerd推出特惠VPS服务器，售价低至每年11美元，配置包括1核、1GB内存、20GB固态硬盘及2000GB流量。洛杉矶机房重新开放，延迟约170-200毫秒。不支持IPv6，仅提供一个IPv4地址。购买后不可退款，支持支付宝支付。

A vulnerability was found in Apple iOS and iPadOS. It has been declared as problematic. This vulnerability affects unknown code of the component Privacy Indicator. The manipulation leads to denial of service. This vulnerability was named CVE-2025-43217. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Apple macOS. This issue affects some unknown processing of the component Media File Handler. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2025-43224. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Apple tvOS. Affected is an unknown function of the component Media File Handler. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2025-43224. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Apple visionOS and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Media File Handler. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2025-43224. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple iOS and iPadOS and classified as problematic. Affected by this issue is some unknown functionality of the component Media File Handler. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2025-43224. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple macOS up to 15.5. It has been declared as problematic. This vulnerability affects unknown code of the component USD File Parser. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2025-43218. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

НАСА готова на всё ради топлива будущего. И завоевания космических просторов.

文章介绍了如何处理错误代码521的问题,包括检查网络连接、重启设备、清除缓存和更新软件等方法,并提供了进一步联系技术支持的建议。

HackerNews 编译，转载请注明出处： 俄罗斯以国家安全威胁为由，封禁了美国公司Ookla开发的流行网速测试工具Speedtest，声称该服务可能助长网络攻击。该国通信监管机构Roskomnadzor（俄罗斯联邦通信、信息技术和大众传媒监督局）表示，封禁源于对俄罗斯通信基础设施及主权互联网Runet的安全担忧。 该机构指控Speedtest收集的详细数据可能被恶意利用。“这家美国公司获取俄罗斯通信节点布局和容量数据，”Roskomnadzor向当地媒体声明称，“这些数据可用于策划、实施及评估针对俄罗斯网络及相关系统的攻击。” Speedtest在俄罗斯被广泛使用，包括电信运营商用于内部分析。但该机构指出，这家美国平台此前未能遵守俄罗斯数据法律。Ookla因未按当地法律要求将俄罗斯用户数据本地化存储，在2022年及2023年连续两年被处以罚款。 作为替代方案，Roskomnadzor建议用户转向国产应用ProSet。这款由政府关联机构开发的安卓工具可测量数据速度、移动信号强度和网络可用性。目前其普及度有限：过去一年下载量仅约2万次，在俄罗斯应用商店Rustore平均评分2.9分（满分5分），用户对其性能、准确性和可靠性差评如潮。 周三早些时候，故障追踪服务Downdetector报告Speedtest服务中断的投诉激增。Downdetector于2018年被总部位于西雅图的Ookla收购。俄罗斯现正使用该服务的本地托管版本来追踪影响国家服务的故障。截至发稿，Ookla未回应置评请求。 此举正值俄罗斯多个地区移动网络持续中断且网速下降之际，也反映政府正加大力度用国产技术替代外国产品，并加强对俄互联网的控制。 今年6月，美国基础设施公司Cloudflare报告称，俄罗斯互联网提供商已开始屏蔽使用其服务的网站。虽未获官方解释，但Cloudflare表示该限制符合莫斯科孤立其数字基础设施的战略。 据报道，俄当局正考虑封禁该国最普及的通讯应用WhatsApp，同时推广名为Max的国产替代品（目前处于测试阶段），旨在打造类似中国微信的国家级通讯平台。       消息来源：therecord； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

アルファサード株式会社が提供するPowerCMSには、複数の脆弱性が存在します。

微软发布Windows 11 Canary Build 27913版，修复了启动铃声误放Windows Vista音效的问题，并调整设置应用搜索框位置至顶部。此外还解决了桌面背景变黑、设置崩溃、投射音频故障、黑屏死机、亚克力效果异常及组策略编辑器显示问题等。升级后可能出现PIN码丢失或圆形进度条显示为矩形等问题。

A vulnerability has been found in Apple tvOS and classified as critical. Affected by this vulnerability is an unknown functionality of the component Web Handler. The manipulation leads to memory corruption. This vulnerability is known as CVE-2025-43213. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple visionOS and classified as critical. Affected by this issue is some unknown functionality of the component Web Handler. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2025-43213. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple watchOS. It has been classified as critical. This affects an unknown part of the component Web Handler. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2025-43213. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple iOS and iPadOS. It has been declared as critical. This vulnerability affects unknown code of the component Web Handler. The manipulation leads to memory corruption. This vulnerability was named CVE-2025-43213. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

第七届“纵横”网络空间安全创新论坛在哈尔滨成功举办，聚焦网络国防与安全主题，汇聚两院院士、专家学者及企业代表，共议新机遇与挑战。论坛发布《网络空间测绘技术白皮书》等重要成果，并首次提出未来十大科学挑战问题，推动我国网络安全防护体系建设。