Aggregator
Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension
1 month 2 weeks ago
Cybersecurity researchers have flagged a supply chain attack targeting a Microsoft Visual Studio Code (VS Code) extension called Ethcode that has been installed a little over 6,000 times.
The compromise, per ReversingLabs, occurred via a GitHub pull request that was opened by a user named Airez299 on June 17, 2025.
First released by 7finney in 2022, Ethcode is a VS Code extension that's used to
The Hacker News
Protect Client-Side Code and Certify the Authenticity of Data Collection
1 month 2 weeks ago
David Sénécal
Why SRE Pipelines Break at Remote Sites (and How to Fix Them)
1 month 2 weeks ago
If you know what “o11y” is, you probably know what a site reliability engineer (SRE) does. Maybe you are one. Observability pipelines help SREs monitor and understand system behavior by using data such as metrics, events, logs, and traces (MELT) and Golden Signals. But as information technology (IT) infrastructure...
Anthony Cote
Over 500 Scattered Spider Phishing Domains Poised to Target Multiple Industries
1 month 2 weeks ago
Check Point discovered around 500 suspected Scattered Spider phishing domains, suggesting the group is preparing to expand its targeting
G.O.S.S.I.P Reading Recommendation 2025-07-08: Android Device Fingerprint Collection Risks from Google's Perspective
1 month 2 weeks ago
Taking a global view, see just how many apps are collecting your device fingerprint information!
Technical Analysis of Ducex: Packer of Triada Android Malware
1 month 2 weeks ago
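This article analyzes Ducex, an advanced Android packer used in the Triada malware, which uses encrypted functions, XOR-encrypted strings, anti-debugging mechanisms, and detection of analysis tools (such as Frida) to hinder analysis and hide its payload.
Incel brother screams at the PC 24/7 so I need a way to make wi-fi unusable PLEASE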
1 month 2 weeks ago
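A 15-year-old boy is addicted to computer games, which is seriously affecting his older brother's life. The older brother has tried various methods without being able to stop his younger brother's behavior, and is finally considering interfering with the Wi-Fi to solve the problem.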
Lateral Movement with code execution in the context of active user sessions
1 month 2 weeks ago
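/r/netsec is a community-managed aggregation platform for technical information security content, intended to provide valuable content to security practitioners, students, researchers, and hackers and to help them extract the key signal from a large volume of information.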
New Attack on TLS: Opossum attack
1 month 2 weeks ago
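/r/netsec is a community-managed aggregation platform for technical information security content, intended to provide valuable information to security practitioners, students, researchers, and hackers.
[Critical-Period Protection Intelligence Briefing] 2025-07-08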
1 month 2 weeks ago
Log in to tix.qq.com for more information
SRC Vulnerability Hunting: "Sister-in-law, open the door, I'm my brother"
1 month 2 weeks ago
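No.0 Preface: During a routine vulnerability-hunting session, while getting nowhere with one WeChat mini program, I happened by coincidence to open another mini program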
Technical Analysis of Ducex: Packer of Triada Android Malware
1 month 2 weeks ago
Many have probably heard of the modular malware for mobile devices called Triada. Even nine years after its first mention in 2016, it remains one of the most advanced Android trojans out there. Recently, our team at ANY.RUN came across an interesting sample of this malicious software. The sample in question was embedded in a […]
The post Technical Analysis of Ducex: Packer of Triada Android Malware appeared first on ANY.RUN's Cybersecurity Blog.
ANY.RUN
Does Your Conversation with an LLM Stay Secret? How to Protect Data When Working with AI
1 month 2 weeks ago
Webinar on July 9 at 11:00: what LLMs do with your data and how to avoid leaks.
CVE-2024-54092 | Siemens Industrial Edge Device Kit API Endpoint weak authentication (ssa-634640)
1 month 2 weeks ago
A vulnerability was found in Siemens Industrial Edge Device Kit, Industrial Edge Own Device, Industrial Edge Virtual Device, SCALANCE LPE9413, SIMATIC IPC BX-39A Industrial Edge Device, SIMATIC IPC BX-59A Industrial Edge Device, SIMATIC IPC127E Industrial Edge Device, SIMATIC IPC227E Industrial Edge Device, SIMATIC IPC427E Industrial Edge Device and SIMATIC IPC847E Industrial Edge Device. It has been classified as very critical. Affected is an unknown function of the component API Endpoint. The manipulation leads to weak authentication.
This vulnerability is traded as CVE-2024-54092. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-30174 | Siemens SIMATIC PCS neo out-of-bounds (ssa-614723)
1 month 2 weeks ago
A vulnerability, which was classified as critical, has been found in Siemens SIMATIC PCS neo, SINEC NMS, SINEMA Remote Connect, Totally Integrated Automation Portal and User Management Component. This issue affects some unknown processing. The manipulation leads to out-of-bounds read.
The identification of this vulnerability is CVE-2025-30174. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-30175 | Siemens SIMATIC PCS neo up to 4.0/4.x out-of-bounds write (ssa-614723)
1 month 2 weeks ago
A vulnerability, which was classified as critical, was found in Siemens SIMATIC PCS neo, SINEC NMS, SINEMA Remote Connect, Totally Integrated Automation Portal and User Management Component up to 4.0/4.x. Affected is an unknown function. The manipulation leads to out-of-bounds write.
This vulnerability is traded as CVE-2025-30175. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-30176 | Siemens SIMATIC PCS neo out-of-bounds (ssa-614723)
1 month 2 weeks ago
A vulnerability has been found in Siemens SIMATIC PCS neo, SINEC NMS, SINEMA Remote Connect, Totally Integrated Automation Portal and User Management Component and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to out-of-bounds read.
This vulnerability is known as CVE-2025-30176. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-40576 | Siemens SCALANCE LPE9403 dcpd null pointer dereference (ssa-327438)
1 month 2 weeks ago
A vulnerability, which was classified as problematic, has been found in Siemens SCALANCE LPE9403. Affected by this issue is some unknown functionality of the component dcpd. The manipulation leads to null pointer dereference.
This vulnerability is handled as CVE-2025-40576. The attack needs to be done within the local network. There is no exploit available.
vuldb.com
CVE-2025-40577 | Siemens SCALANCE LPE9403 dcpd out-of-bounds (ssa-327438)
1 month 2 weeks ago
A vulnerability, which was classified as problematic, was found in Siemens SCALANCE LPE9403. This affects an unknown part of the component dcpd. The manipulation leads to out-of-bounds read.
This vulnerability is uniquely identified as CVE-2025-40577. The attack needs to be initiated within the local network. There is no exploit available.
vuldb.com