Aggregator

Synacktiv researchers have documented a novel GNU/Linux rootkit, LinkPro, uncovered during an investigation into an AWS infrastructure compromise.

The post Stealth Innovation: LinkPro Linux Rootkit Hides via eBPF and Activates with Magic TCP Packet on Kubernetes Nodes appeared first on Penetration Testing Tools.

微软针对Windows 11推出紧急更新，修复无法访问localhost和127.0.0.1的问题。此问题主要影响开发者，微软通过撤回先前更改恢复功能，并提供自动更新和手动修复方法。

好的，我现在需要帮用户总结一篇关于Xubuntu官网被黑的文章，控制在100字以内。首先，我得通读整篇文章，抓住关键点。 文章提到Xubuntu官网疑似被黑客攻击，下载链接被替换成了Windows可执行文件。这个文件被25款杀毒软件检测到恶意软件或后门程序。用户下载后可能会运行恶意软件，窃取加密货币钱包等信息。Xubuntu已经删除了相关链接，并提醒用户杀毒。 接下来，我需要把这些信息浓缩成一句话，不超过100字。要确保包含主要事件：官网被黑、下载链接被替换、恶意软件检测、潜在风险和应对措施。 可能会这样组织：“Xubuntu官网遭黑客攻击，下载链接被替换为恶意EXE文件，已被25款杀毒软件检测到威胁，建议用户立即杀毒并删除相关文件。” 这样既简洁又全面。 Xubuntu官网遭黑客攻击，下载链接被替换为恶意EXE文件，已被25款杀毒软件检测到威胁，建议用户立即杀毒并删除相关文件。

洋葱浏览器 (Tor Browser) 删除火狐浏览器的 AI 和机器学习组件以提升隐私安全。最新版本恢复旧版历史记录面板并改进东亚语言字符渲染。

补天商城【京东卡】本月新一轮补货要安排上啦！

A vulnerability labeled as problematic has been found in toeverything AFFiNE up to 0.24.1. This vulnerability affects unknown code of the component Avatar Upload Image Endpoint. Such manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-11945. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability described as problematic has been identified in bftpd up to 6.2. Impacted is the function expand_groups of the file options.c of the component Configuration File Handler. Executing manipulation can lead to heap-based buffer overflow. This vulnerability is handled as CVE-2025-11947. It is possible to launch the attack on the local host. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in 70mai X200 up to 20251010. It has been rated as critical. Affected by this vulnerability is an unknown functionality of the component HTTP Web Server. The manipulation leads to use of default credentials. This vulnerability is documented as CVE-2025-11943. The attack can be initiated remotely. Additionally, an exploit exists. It is recommended to apply restrictive firewalling. The vendor was contacted early about this disclosure but did not respond in any way.

Windows 11 25H2 首个更新 KB5066835 导致 WinRE 恢复环境中 USB 键盘和鼠标无法使用，用户无法进行任何操作，只能强制关机。此问题严重影响系统故障排除和修复功能。微软尚未提供解决方案。

好的，我现在需要帮用户总结一篇文章的内容，控制在100字以内。首先，我得仔细阅读文章，抓住主要信息。 文章讲的是一个网友在重装Windows 11系统后，发现3TB的数据被BitLocker加密了，而且没有恢复密钥。BitLocker在OOBE设置中默认启用，尤其是有TPM和UEFI的硬件。用户没有保存密钥，导致数据无法恢复。文章还提到类似的问题多次发生，用户建议备份数据或检查加密状态。 接下来，我要把这些要点浓缩到100字以内。注意不要用“文章内容总结”这样的开头，直接描述事件和教训。 重点包括：重装系统导致数据被加密、BitLocker默认启用、没有恢复密钥、数据无法恢复、建议备份或检查加密。 现在组织语言：网友重装系统后发现3TB数据被BitLocker加密，无法恢复。BitLocker在Windows 11默认启用，但未保存恢复密钥。提醒用户备份或检查加密状态。 这样应该符合要求了。 网友重装Windows 11系统后发现3TB数据被BitLocker加密无法恢复。BitLocker在Windows 11 OOBE设置中默认启用（需TPM+UEFI），但未保存恢复密钥。提醒用户重装前备份数据或检查加密状态。

A vulnerability, which was classified as critical, has been found in Matt Wright Textcounter 1.2. This impacts an unknown function of the file textcounter.pl. This manipulation as part of Metacharacter causes improper privilege management. This vulnerability is registered as CVE-1999-1479. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability, which was classified as problematic, has been found in Matt Wright Download.cgi 1.0. Affected is an unknown function of the file download.cgi. This manipulation of the argument f causes path traversal. This vulnerability is tracked as CVE-1999-1377. The attack is possible to be carried out remotely. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability classified as critical has been found in Celtech Software ExpressFS 2.6. This vulnerability affects unknown code of the component FTP Server. Performing manipulation of the argument User results in memory corruption. This vulnerability is known as CVE-1999-1514. Remote exploitation of the attack is possible. No exploit is available. It is suggested to use restrictive firewalling.

A vulnerability, which was classified as problematic, was found in Microsoft Site Server 3.0. Impacted is an unknown function of the file site.csc of the component AdSamples. The manipulation results in information disclosure. This vulnerability is identified as CVE-1999-1520. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability classified as critical has been found in Sun Java. Affected by this vulnerability is an unknown functionality of the component Webserver. The manipulation leads to improper privilege management. This vulnerability is listed as CVE-1999-1527. The attack may be initiated remotely. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability was found in Computalynx CMail 2.3sp2/2.4. It has been classified as critical. This vulnerability affects unknown code of the component SMTP Server. The manipulation of the argument MAIL FROM leads to memory corruption. This vulnerability is documented as CVE-1999-1521. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability classified as critical has been found in Trend Micro Interscan Viruswall 3.2.3/3.3 on Win NT. This affects an unknown part of the component HELO Handler. The manipulation leads to memory corruption. This vulnerability is documented as CVE-1999-1529. The attack can be initiated remotely. Additionally, an exploit exists. It is recommended to upgrade the affected component.

奇安信威胁情报中心近期发现一些与蔓灵花组织相关的攻击样本，这些样本使用不同方式，最终植入一种可以从远程服务器下发任意 EXE 文件的 C#后门。

当前环境异常需完成验证后才能继续访问。

A vulnerability classified as critical was found in NVIDIA GeForce Experience up to 3.18. Affected is an unknown function of the component Web Helper. Executing manipulation can lead to improper input validation. This vulnerability is tracked as CVE-2019-5678. The attack is restricted to local execution. Moreover, an exploit is present. Upgrading the affected component is advised.