Aggregator

Apache Roller曝高危漏洞（CVSS 10.0），密码修改后攻击者仍可维持会话劫持！

关键词安全漏洞谷歌浏览器 136 版于 2025 年 4 月发布，引入了“访问链接分区”这一革命性功能，修复了

关键词数据泄露美国实验室检测服务提供商实验室服务合作社（LSC）证实，黑客于 2024 年 10 月侵入其计算

关键词Windows微软表示，部分用户在部署2025年4月版Windows恢复环境（WinRE）更新时可能会遇

关键词国家安全15日上午，哈尔滨市公安局发布的一则悬赏公告在全球网络安全领域掀起巨浪——公告直指三名美国国家安

Every piece of malware leaves traces behind. Sometimes it’s a string buried deep in the code. Other times it’s a mutex, a registry key, or a network pattern. The key is knowing what to look for.  That’s exactly what malware signatures are for. They describe these recurring elements, unique strings, behaviors, or structural patterns, that […]

The post Malware Signatures: How Cybersecurity Teams Use Them to Catch Threats  appeared first on ANY.RUN's Cybersecurity Blog.

OSRC众测挑战赛再度升级！

OSRC众测挑战赛再度升级！

Когда обрывается связь, просыпаются старые конфликты.

The Nagios Security Team has fixed three critical vulnerabilities affecting popular enterprise log management and analysis platform Nagios Log Server. About the flaws The vulnerabilities, discovered and reported by security researchers Seth Kraft and Alex Tisdale, include: 1. A stored XSS vulnerability (CVE-2025-29471) in the web interface of Nagios Log Server that allows a standard (low-privilege) user to inject a malicious JavaScript payload into their profile’s ’email’ field to achieve privilege escalation. “When an administrator … More →

The post Critical flaws fixed in Nagios Log Server appeared first on Help Net Security.

Соблазн, страх и момент, когда ты решаешь не взламывать.

Thales report reveals bots now account for 51% of all web traffic, surpassing human activity

Кто стоит за атаками на чипы, телеком и даже игры.

2025年是《中华人民共和国国家安全法》颁布施行十周年。今年4月15日是第十个全民国家安全教育日，主题为“全民国家安全教育　走深走实十周年”。