"Карающая сова" выходит на охоту. Новая группа хакеров атакует госсектор РФ — кажется, код за них пишет нейросеть
Positive Technologies сообщила о появлении новой политически мотивированной группы хакеров.
Aggregator
业绩预告季结束:15家网络安全上市公司收入8增7减、扣非净利润6升9降
3 months 2 weeks ago
2025年中国网络安全市场初步复盘:弱复苏、强内卷与现金流为王。
SolarWinds 修复四个严重漏洞,可导致未认证RCE和认证绕过
3 months 2 weeks ago
速修复
Ivanti 提醒注意已遭利用的两个 EPMM 漏洞
3 months 2 weeks ago
速修复
奇安信获NVDB-CAVD年度优秀技术支撑单位 10项原创漏洞证书彰显车联网安全实力
3 months 2 weeks ago
奇安信作为技术支撑单位代表受邀参会并作经验分享,荣获"2025年度优秀技术支撑单位"称号,同时获得10项超高危原创漏洞证书,成为本次会议中获颁漏洞证书数量最多的单位。
安全热点周报:微软 Office 零日漏洞允许恶意文档绕过安全检查
3 months 2 weeks ago
CVE-2026-24054 | kata-containers Kata Containers up to 3.25.x unusual condition (GHSA-5fc8-gg7w-3g5c / EUVD-2026-4958)
3 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in kata-containers Kata Containers up to 3.25.x. Affected by this issue is some unknown functionality. The manipulation leads to improper check for unusual conditions.
This vulnerability is documented as CVE-2026-24054. The attack can be initiated remotely. There is not any exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2025-69516 | Amidaware Tactical RMM up to 1.3.1 Jinja2 Template preview generate_html template_md special elements used in a template engine (EUVD-2025-206512)
3 months 2 weeks ago
A vulnerability was found in Amidaware Tactical RMM up to 1.3.1. It has been rated as critical. The impacted element is the function generate_html of the file /reporting/templates/preview/ of the component Jinja2 Template Handler. The manipulation of the argument template_md leads to improper neutralization of special elements used in a template engine.
This vulnerability is uniquely identified as CVE-2025-69516. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com
CVE-2026-23896 | immich-app immich up to 2.4.x Update Endpoint privileges management (GHSA-237r-x578-h5mv / EUVD-2026-4957)
3 months 2 weeks ago
A vulnerability was found in immich-app immich up to 2.4.x. It has been classified as critical. Affected by this vulnerability is an unknown functionality of the component Update Endpoint. This manipulation causes improper privilege management.
This vulnerability appears as CVE-2026-23896. The attack may be initiated remotely. There is no available exploit.
Upgrading the affected component is recommended.
vuldb.com
CVE-2026-24902 | TrustTunnel up to 0.9.113 TcpStream::connect server-side request forgery (GHSA-hgr9-frvw-5r76 / EUVD-2026-4951)
3 months 2 weeks ago
A vulnerability classified as critical was found in TrustTunnel up to 0.9.113. This impacts the function TcpStream::connect. Executing a manipulation can lead to server-side request forgery.
This vulnerability is tracked as CVE-2026-24902. The attack can be launched remotely. No exploit exists.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-24905 | inspektor-gadget Inspektor Gadget up to 0.48.0 build.go command injection (GHSA-79qw-g77v-2vfh / EUVD-2026-4954)
3 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in inspektor-gadget Inspektor Gadget up to 0.48.0. Affected is an unknown function of the file inspektor-gadget/cmd/common/image/build.go. The manipulation leads to command injection.
This vulnerability is listed as CVE-2026-24905. The attack must be carried out locally. There is no available exploit.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2026-25040 | budibase up to 3.26.3 authorization (GHSA-4wfw-r86x-qxrm / EUVD-2026-4950)
3 months 2 weeks ago
A vulnerability, which was classified as problematic, was found in budibase up to 3.26.3. Affected by this vulnerability is an unknown functionality. The manipulation results in incorrect authorization.
This vulnerability is cataloged as CVE-2026-25040. The attack may be launched remotely. There is no exploit available.
vuldb.com
Critical Ivanti Endpoint Manager 0-day RCE Vulnerabilities Actively Exploited in Attacks
3 months 2 weeks ago
Two critical code-injection vulnerabilities have been disclosed in the Endpoint Manager Mobile (EPMM) platform, which are currently being actively exploited in real-world attacks. The security flaws, tracked as CVE-2026-1281 and CVE-2026-1340, allow unauthenticated attackers to execute arbitrary code remotely on vulnerable systems. The vulnerabilities carry a maximum CVSS severity score of 9.8 and affect multiple […]
The post Critical Ivanti Endpoint Manager 0-day RCE Vulnerabilities Actively Exploited in Attacks appeared first on Cyber Security News.
Abinaya
IRify 性能升级(五):增量编译技术详解
3 months 2 weeks ago
大型项目编译太慢?IRify 增强编译让构建时间砍半!
利用恶意页面攻击本地Xdebug
3 months 2 weeks ago
TL;DR
PHP开发者以及一些安全研究人员经常会在本地搭建一个基于Xdebug的PHP的调试服务,在大部分配置情况下,Xdebug采用HTTP请求头中的X-Forwarded-For字段作为DBGp协议的回连地址。受害者浏览攻击页面一段时间,攻击者可利用DNS Rebind技术向本地服务器发送带有恶意X-Forwarded-For的请求,即有可能在受害者电脑上执行任意代码。
xlab
来自微信外挂的安全风险
3 months 2 weeks ago
玄武实验室联合独立安全研究员 em 发现在 Mac OS 上用户量比较大的两款微信防撤回外挂存在安全问题,装了此外挂的用户只要在浏览器里访问攻击者页面并停留一分钟左右,攻击者即可拿到该用户的好友列表,聊天记录,甚至以该用户的身份给好友发送消息,对用户的信息安全造成巨大威胁。
xlab
У вашего робота-пылесоса (ладно, андроида) теперь тоже есть App Store. И там уже можно скачать «мозги»
3 months 2 weeks ago
Скачать «Охранника» или «Няню»? Один геманоид, тысяча личностей в облаке.
Empire Market co-founder faces 10 years to life after guilty plea
3 months 2 weeks ago
Empire Market co-founder Raheim Hamilton pleaded guilty to U.S. drug conspiracy charges in Chicago, facing a mandatory 10 years to life in prison. Raheim Hamilton (30) of Virginia, co-creator of the dark web marketplace Empire Market, pleaded guilty in Chicago to a federal drug conspiracy charge. Empire Market allowed users to anonymously buy and sell […]
Pierluigi Paganini
诚邀渠道合作伙伴共启新征程
3 months 2 weeks ago
【火绒安全周报】TikTok官宣美国方案/耐克遭遇数据窃取
3 months 2 weeks ago