Aggregator

文章解释了“521错误代码”表示Web服务器返回了无效响应的问题，通常由服务器配置错误、网络问题或过载引起。建议检查服务器配置、联系主机提供商或优化服务器性能以解决问题。

HackerNews 编译，转载请注明出处： 自称“Rey”的黑客宣称从西班牙电信巨头Telefónica窃取106GB数据，但该公司回应称这仅是敲诈企图。 在埃隆·马斯克旗下社交平台X的声明中，Rey指出Telefónica否认其内部网络遭数据窃取，因此将先行公开5GB数据作为证据。黑客威胁称：“我将很快公布完整文件目录树；若未来数周内Telefónica仍不妥协，全部数据档案将被公开 。” 据技术媒体BleepingComputer核实，Rey已发布超2万份文件佐证入侵真实性。黑客透露攻击发生于2025年5月30日，在Telefónica IT人员察觉前已持续窃密12小时。据称窃取总量达385,311份文件（106.3GB），涵盖五类核心数据： 内部通信记录（服务工单与邮件） 采购订单及商业伙伴发票 系统操作日志 客户档案 员工信息 Telefónica官方至今未承认事件，但有员工指称这是利用过时信息的敲诈行为。值得关注的是，Rey隶属勒索组织HellCat，该组织2025年1月就曾通过Jira开发服务器入侵Telefónica窃取客户信息。不同于传统勒索模式，HellCat采用“不认账即全泄露”的胁迫策略，此次事件再次印证其战术特征。 Telefónica作为全球顶级电信运营商，拥有逾10万员工，2024年营收达405亿美元（约合人民币2920亿元），毛利近205亿美元（约合人民币1476亿元）。       消息来源： cybernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

Experts at Wiz have identified a new wave of attacks targeting TeamCity servers—a widely used platform for orchestrating CI/CD workflows. Threat actors exploited a misconfigured Java Debug Wire Protocol (JDWP) interface, enabling remote command...

The post Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours appeared first on Penetration Testing Tools.

A vulnerability was found in rjrodger rjrodger jsonic-next 2.12.1. It has been declared as problematic. This vulnerability affects the function util.clone. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). This vulnerability was named CVE-2024-39002. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in amoyjs amoy common 1.0.10. Affected by this issue is the function setValue. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). This vulnerability is handled as CVE-2024-39003. The attack needs to be done within the local network. There is no exploit available.

A vulnerability classified as critical was found in Online Clinic Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /success/editp.php?action=edit. The manipulation of the argument ID leads to sql injection. This vulnerability is known as CVE-2024-48597. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Mitel MiCollab up to 9.8.0.33. Affected is an unknown function of the component NuPoint Messenger. The manipulation leads to sql injection. This vulnerability is traded as CVE-2024-35286. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability has been found in Mitel MiCollab up to 9.8.1.5 and classified as critical. Affected by this vulnerability is an unknown functionality of the component NuPoint Messenger. The manipulation leads to execution with unnecessary privileges. This vulnerability is known as CVE-2024-35287. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Mitel MiCollab up to 9.8.1.201. It has been declared as critical. This vulnerability affects unknown code of the component Conferencing Component. The manipulation leads to improper access controls. This vulnerability was named CVE-2024-47912. The attack can be initiated remotely. There is no exploit available.

A vulnerability has been found in Vilo Mesh WiFi System up to 5.16.1.33 and classified as critical. This vulnerability affects unknown code of the component TCP Service Port 5432. The manipulation leads to missing authentication. This vulnerability was named CVE-2024-40087. The attack can be initiated remotely. There is no exploit available. It is recommended to apply restrictive firewalling.

A vulnerability was found in Vilo Mesh WiFi System up to 5.16.1.33. It has been classified as critical. Affected is an unknown function of the component Boa Webserver. The manipulation leads to buffer overflow. This vulnerability is traded as CVE-2024-40084. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Mitel MiCollab up to 9.8.1.201. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component AWV. The manipulation leads to sql injection. This vulnerability is known as CVE-2024-47223. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as critical was found in Vilo Mesh WiFi System up to 5.16.1.33. This vulnerability affects unknown code of the component Boa Webserver. The manipulation leads to path traversal. This vulnerability was named CVE-2024-40088. The attack can be initiated remotely. There is no exploit available.

A vulnerability has been found in parisneo lollms-webui up to 9.8 and classified as problematic. This vulnerability affects the function lollms_binding_infos. The manipulation of the argument client_id leads to cross-site request forgery. This vulnerability was named CVE-2024-6040. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Microsoft Windows. It has been classified as critical. This affects an unknown part of the component Clipboard Virtual Channel Extension. The manipulation leads to sensitive data storage in improperly locked memory. This vulnerability is uniquely identified as CVE-2024-38131. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Mitel MiCollab up to 9.8.0.33. It has been rated as critical. This issue affects some unknown processing of the component NuPoint Messenger. The manipulation leads to command injection. The identification of this vulnerability is CVE-2024-35285. The attack may be initiated remotely. There is no exploit available.

A sophisticated SEO poisoning campaign targeting system administrators with malicious backdoor malware. Arctic Wolf security researchers have uncovered a dangerous search engine optimization (SEO) poisoning and malvertising campaign that has been targeting IT professionals since early June 2025. The campaign uses fake websites hosting Trojanized versions of popular IT tools, specifically PuTTY and WinSCP, to […]

The post Weaponized Versions of PuTTY and WinSCP Attacking IT Admins Via Search Results appeared first on Cyber Security News.

ISC Stormcast播客于2025年7月8日发布，值班处理员为Xavier Mertens，当前威胁级别为绿色。即将于7月14日至19日在华盛顿举办“应用安全：保护Web应用、API和微服务”课程。

文章指出软件供应链安全已成为关键问题，并分析了开源大模型、智能网联汽车等新兴领域的风险。

文章描述了一个错误代码521的情况，通常由Cloudflare引发，表明Web服务器无法处理请求。这可能是由于服务器过载或配置问题导致的。