Aggregator

本报告剖析了夏季影响最严重的几起事件，以及安全团队在面对攻击浪潮来临时需要采取的措施。

该安全问题属于服务器端请求伪造（SSRF）漏洞，目前已被编号为CVE-2025-9074，其严重等级被评定为9.3分。

A vulnerability was found in OpenAM Consortium Edition 14.0.0/14.0.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component SAML IdP Handler. The manipulation results in denial of service. This vulnerability is identified as CVE-2025-8662. The attack can be executed remotely. There is not any exploit available.

A vulnerability was found in MobSF Mobile-Security-Framework-MobSF 4.4.0. It has been classified as critical. Affected is an unknown function. The manipulation leads to path traversal. This vulnerability is referenced as CVE-2025-58162. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended.

A vulnerability was found in MobSF Mobile-Security-Framework-MobSF 4.4.0 and classified as critical. This impacts the function os.path.commonprefix of the file /download/ of the component Download File Handler. Executing manipulation can lead to path traversal. The identification of this vulnerability is CVE-2025-58161. The attack may be launched remotely. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability has been found in ESPHome 2025.8.0 and classified as critical. This affects an unknown function of the component web_server. Performing manipulation results in incorrect implementation of authentication algorithm. This vulnerability was named CVE-2025-57808. The attack needs to be approached within the local network. There is no available exploit. The affected component should be upgraded.

A vulnerability, which was classified as critical, was found in SonarSource sonarqube-scan-action up to 5.3.0. The impacted element is an unknown function of the component Scan GitHub Action Handler. Such manipulation leads to command injection. This vulnerability is uniquely identified as CVE-2025-58178. Local access is required to approach this attack. No exploit exists. You should upgrade the affected component.

The Wireshark Foundation today announced the release of Wireshark 4.4.9, delivering critical stability improvements and updates to its protocol dissectors. This incremental release, the ninth maintenance update in the 4.4 series, addresses a high-priority security issue and resolves multiple decoder flaws affecting enterprise and academic users alike. Key Security and Stability Fix The release fixes a […]

The post Wireshark 4.4.9 Released With Critical Bug Fixes and Protocol Updates appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Природа целится миллионы лет, стреляет за секунду и попадает в яблочко.

Google Pixel 10发布不久即出现屏幕问题，包括雪花屏和彩色条纹，此前Pixel 5和7也曾出现类似故障。谷歌正调查并计划通过固件更新修复，但部分用户已选择退货。

A new research project called NetMoniAI shows how AI agents might reshape network monitoring and security. Developed by a team at Texas Tech University, the framework brings together two ideas: distributed monitoring at the edge and AI-driven analysis at the center. The work is still research stage, but it gives CISOs a sense of what could be possible if agentic AI systems make their way into enterprise environments. The project is open source, so it … More →

The post Can AI agents catch what your SOC misses? appeared first on Help Net Security.

平安科技（上海）有限公司发布招聘信息，招聘安全研究员（渗透/代码审计/AI赋能攻防）和安全研究员（大模型方向），要求具备丰富的攻防实战经验、编程能力和技术专长，并参与前沿技术研究与应用落地。

作者在Telegram的Fragment市场上出售用户名时遇到一名骗子，对方伪造Fragment界面试图诈骗。通过技术分析发现骗子网站与游戏项目关联，并怀疑运营者可能参与诈骗活动。

A sophisticated new keylogger malware dubbed “TinkyWinkey” that is targeting Windows systems with advanced stealth capabilities and comprehensive data exfiltration features. First observed in late June 2025, this malware represents a significant evolution in keylogging technology, combining multiple attack vectors to maintain persistence and avoid detection. TinkyWinkey operates through a dual-component architecture that maximizes both […]

The post New TinkyWinkey Trojan Targets Windows Systems With Sophisticated Keylogging appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity firm Zscaler has disclosed a data breach affecting customer contact information after unauthorized actors gained access to the company’s Salesforce database through compromised third-party application credentials. The breach originated from a broader campaign targeting Salesloft Drift, a marketing automation platform that integrates with Salesforce databases to manage leads and customer relationships. Cybercriminals successfully stole […]

The post Zscaler Discloses Data Breach Following Salesforce Instance Compromise appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

公司为员工发放平板电脑并安装Sophos移动控制软件以限制功能（如安全模式启动、USB连接和应用安装）。作者发现辅助功能中存在漏洞，关闭相关选项后绕过网络内容过滤，并计划进一步尝试以最终卸载Sophos。

ARC-AGI-3: новый тест на здравый смысл, который нейросети массово проваливают.

Identity has become a core pillar of cybersecurity strategy. Remote work, cloud-first adoption, and distributed supply chains have moved identity from “a tactical IT consideration to a strategic pillar of cybersecurity,” according to Cisco Duo’s 2025 State of Identity Security report. The study is based on a survey of 650 IT and security leaders across North America and Europe. It points to rising AI-driven threats, weak adoption of phishing-resistant authentication, and growing financial risk as … More →

The post Complexity and AI put identity protection to the test appeared first on Help Net Security.

Windows上的安全软件有时会将Linux ISO标记为恶意软件，因为其中包含可能改变磁盘布局和启动方式的代码。这种情况通常是误报。

A CVSS score 7.2 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by '06fe5fd2bc53027c4a3b7e395af0b850e7b8a044' was reported to the affected vendor on: 2025-09-02, 86 days ago. The vendor is given until 2025-12-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.