Aggregator

WebYWB_Web_xff先看源码，需要修改ip进行登录使用插件修改ip随意输入登录即可YWB_Web_未授权访问先抓包，发现cookie存在问题，url解码看看，是序列化数据，最后一位是0，可以修改为1越权登录格式如下成功拿到flageasyweb首先代码审计，需要post传参cmd，并且回显被注释了，无回显的RCE使用curl进行数据外带，--data指定命令，需要使用公网服务器接收YWB_

Cdp协议深度应用与探索

Datadog Security Research has uncovered a formidable new cryptojacking campaign dubbed “RedisRaider,” specifically targeting Linux servers with publicly accessible Redis instances. This sophisticated Linux worm employs aggressive propagation techniques and advanced obfuscation to exploit vulnerabilities in misconfigured Redis servers, deploying a customized version of the XMRig miner to mine Monero cryptocurrency. The threat actor behind […]

The post RedisRaider Campaign Targets Linux Servers by Exploiting Misconfigured Redis Instances appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Researchers at ESET observed strengthened cyber-offensive activity from Russian groups, especially against Ukrainian and European entities

分析Vite 开发服务器在处理 URL 请求时存在路径验证不足的问题

击者可能仅通过模型的API查询接口（即“黑盒”访问），就能推断出某条数据是否被用于训练（成员推断攻击），甚至直接提取训练数据中的具体内容（数据提取攻击）。这些攻击技术的快速发展揭示了一个严峻的事实：大模型的强大功能与其隐私风险之间存在深刻的矛盾

Serviceaide, Inc. announced a significant data security breach affecting approximately 480,000 Catholic Health patients.  The incident, which occurred due to an improperly secured Elasticsearch database, exposed sensitive patient information for nearly seven weeks between September and November 2024.  Though no direct evidence of data theft has been confirmed, the company cannot rule out unauthorized access […]

The post Serviceaide Cyber Attack Exposes 480,000 Catholic Health Patients’ Data appeared first on Cyber Security News.

Service desks are on the front lines of defense—and attackers know it. Attackers are using social engineering attacks to trick agents into changing passwords, disabling MFA, and granting access. Learn more from Specops Software on how to secure your service desk. [...]

In 2025, Android users will face an increasingly sophisticated malware landscape, with evolving threats that leverage artificial intelligence, advanced evasion techniques, and new attack vectors. Despite efforts to bolster security, research indicates that malware continues to pose significant risks to the over 3 billion Android devices worldwide. The Current Malware Landscape Research suggests Android malware […]

The post Android Security Guide – Safeguarding Against Malware in 2025 appeared first on Cyber Security News.

A critical vulnerability in SAP enterprise software, CVE-2025-31324, has been exploited by the Russian Ransomware-as-a-Service (RaaS) group Qilin nearly three weeks before its public disclosure, according to a recent investigation. The vulnerability, which received the highest possible CVSS score of 10.0, affects SAP NetWeaver Visual Composer, a component widely deployed in enterprise environments globally. The […]

The post Qilin Exploited SAP 0-Day Vulnerability Weeks Before its Public Disclosure appeared first on Cyber Security News.

Cybercriminals are leveraging the Python Package Index (PyPI) to distribute malicious tools designed to exploit TikTok and Instagram APIs for verifying stolen account credentials. Security researchers at Socket have identified three such packages checker-SaGaF, steinlurks, and sinnercore that automate the process of validating emails and usernames against social media platforms. Released between April 2023 and […]

The post Hackers Abuse TikTok and Instagram APIs to Verify Stolen Account Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Multiple high-severity vulnerabilities affecting VMware Cloud Foundation could allow malicious actors to access sensitive data and perform unauthorized actions. The vulnerabilities, assigned CVE IDs CVE-2025-41229, CVE-2025-41230, and CVE-2025-41231 with CVSS base scores ranging from 7.3 to 8.2, posing significant risks to organizations using affected versions of VMware Cloud Foundation.  Directory Traversal Vulnerability Exposes Internal Services […]

The post VMware Cloud Foundation Vulnerability Let Attackers Access Sensitive Data appeared first on Cyber Security News.

Biotechnology giant Regeneron Pharmaceuticals has emerged as the successful bidder in the bankruptcy auction for genetic testing pioneer 23andMe, offering $256 million for the majority of the company’s assets. Announced Monday, the deal would transfer 23andMe’s consumer genomics business and valuable biobank containing genetic data from millions of customers to Regeneron, pending bankruptcy court and […]

The post Regeneron to Buy 23andMe for $256M Amid Growing Data Privacy Concerns appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Submit #580588 / VDB-309664

Submit #580567 / VDB-309663

分析高版本Fastjson组件getter调用过程中的限制成因，以及一步步尝试探索通过动态代理技术代理安全接口，规避Fastjson对危险类的黑名单检查，使反序列化时通过代理接口转发调用到恶意类的getter方法（如TemplatesImpl的getOutputProperties），从而绕过黑名单限制触发漏洞。

Submit #580412 / VDB-309662

Submit #580399 / VDB-309659