Aggregator

免责声明： 本人所有文章均为技术分享，均用于防御为目的的记录，所有操作均在实验环境下进行，请勿用于其他用途，否则后果自负。

A vulnerability, which was classified as problematic, has been found in ConcreteCMS up to 9.3.9. Affected by this issue is some unknown functionality of the component Page Attribute Display Block Handler. The manipulation of the argument Title leads to cross site scripting. This vulnerability is handled as CVE-2025-2972. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as critical, was found in code-projects College Management System 1.0. This affects an unknown part of the file /Admin/student.php. The manipulation of the argument profile_image leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2025-2973. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

无影命令行版上线，保留了无影核心功能，包括端口扫描、URL指纹识别、POC漏洞验证、弱口令破解、目录扫描、子域名枚举等8大功能模块。

无影命令行版上线，保留了无影核心功能，包括端口扫描、URL指纹识别、POC漏洞验证、弱口令破解、目录扫描、子域名枚举等8大功能模块。

无影命令行版上线，保留了无影核心功能，包括端口扫描、URL指纹识别、POC漏洞验证、弱口令破解、目录扫描、子域名枚举等8大功能模块。

无影命令行版上线，保留了无影核心功能，包括端口扫描、URL指纹识别、POC漏洞验证、弱口令破解、目录扫描、子域名枚举等8大功能模块。

无影命令行版上线，保留了无影核心功能，包括端口扫描、URL指纹识别、POC漏洞验证、弱口令破解、目录扫描、子域名枚举等8大功能模块。

无影命令行版上线，保留了无影核心功能，包括端口扫描、URL指纹识别、POC漏洞验证、弱口令破解、目录扫描、子域名枚举等8大功能模块。

无影命令行版上线，保留了无影核心功能，包括端口扫描、URL指纹识别、POC漏洞验证、弱口令破解、目录扫描、子域名枚举等8大功能模块。

A vulnerability, which was classified as critical, was found in Pre Printing Press. Affected is an unknown function of the file product_desc.php of the component Printing. The manipulation of the argument pid leads to sql injection. This vulnerability is traded as CVE-2012-5334. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

HackerNews 编译，转载请注明出处： 一家名为Morphing Meerkat的网络钓鱼即服务（PhaaS）运营平台近日被安全研究人员发现。该平台利用DNS over HTTPS（DoH）协议逃避检测，并通过DNS邮件交换（MX）记录识别受害者的电子邮件提供商，动态生成超过114个品牌的仿冒登录页面。 大规模网络钓鱼行动 Morphing Meerkat自2020年起活跃，由Infoblox的安全研究人员首次揭示。尽管部分活动曾被记录，但该平台在过去几年中大多未被察觉。 作为一款完整的PhaaS工具包，Morphing Meerkat为技术能力有限的攻击者提供了一站式的网络钓鱼攻击解决方案。它拥有集中化的SMTP基础设施，用于发送垃圾邮件。其中50%的邮件来源于英国的iomart和美国的HostPapa提供的互联网服务。 该平台能够模拟包括Gmail、Outlook、Yahoo、DHL、Maersk和RakBank等在内的114家电子邮件和服务提供商，发送带有类似“需要采取行动：账户停用”等紧急主题的邮件。这些邮件支持多种语言，包括英语、西班牙语、俄语和中文，且能够伪造发件人姓名和地址。 攻击流程 当受害者点击邮件中的恶意链接时，他们会经历一系列开放重定向攻击。这些重定向通常通过广告技术平台（如Google DoubleClick）执行，并涉及受感染的WordPress网站、伪造的域名和免费托管服务。 最终，钓鱼工具包会在受害者的浏览器中加载，同时利用DoH向Google或Cloudflare发送DNS查询以获取受害者电子邮件域名的MX记录。根据查询结果，工具包会动态生成伪造的登录页面，并自动填充受害者的电子邮件地址。 一旦受害者输入凭据，数据会通过AJAX请求和PHP脚本发送到攻击者的外部服务器。此外，攻击者还可能使用Telegram机器人webhook进行实时转发。为了验证凭据的准确性，受害者首次输入密码后会收到一条错误信息提示密码无效，诱导其再次输入。 输入成功后，受害者会被重定向至真实的身份验证页面，以减少怀疑。 使用DoH与DNS MX的隐蔽性 Morphing Meerkat的独特之处在于采用DoH和DNS MX记录，这些高级技术使攻击更具隐蔽性。 DoH通过加密的HTTPS请求执行DNS解析，替代传统的基于UDP的DNS查询，从而绕过DNS监控。MX记录则用于指示哪个服务器负责接收特定域的电子邮件。攻击者通过客户端直接查询Cloudflare或Google获取MX记录信息，从而避免被检测。 利用MX记录信息，钓鱼工具包能够实时生成与受害者邮箱提供商匹配的仿冒页面，提升攻击的成功率。 防御建议 Infoblox建议企业实施更严格的DNS控制，阻止用户直接与DoH服务器通信。此外，还应限制用户访问与企业业务无关的广告技术和文件共享基础设施，以降低攻击风险。 与Morphing Meerkat相关的所有攻击指标（IoC）已公开发布在GitHub存储库中，供安全研究人员进一步分析。   消息来源：Bleeping Computer 本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability, which was classified as problematic, has been found in Pdfcrowd Save as PDF Plugin up to 3.1.x on WordPress. Affected by this issue is some unknown functionality of the component Setting Handler. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2023-5971. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in LetterPress Plugin up to 1.2.2 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2024-3590. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in Apple iTunes up to 12.13.1 on Windows. Affected is an unknown function. The manipulation leads to Remote Code Execution. This vulnerability is traded as CVE-2024-27793. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Add Custom CSS and JS Plugin up to 1.20 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-3903. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /view/exam_timetable_grade_wise.php. The manipulation of the argument exam leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-4684. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in UnGallery Plugin up to 2.2.4 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-3582. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in Campcodes Complete Web-Based School Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /view/exam_timetable_update_form.php. The manipulation of the argument exam leads to cross site scripting. This vulnerability is known as CVE-2024-4682. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /view/exam_timetable_insert_form.php. The manipulation of the argument exam leads to cross site scripting. This vulnerability is handled as CVE-2024-4683. The attack may be launched remotely. Furthermore, there is an exploit available.