Aggregator

A vulnerability, which was classified as problematic, has been found in libexpat up to 2.7.4. Affected by this vulnerability is an unknown functionality. Performing a manipulation results in null pointer dereference. This vulnerability is cataloged as CVE-2026-32776. The attack must be initiated from a local position. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability classified as problematic was found in Mumble up to 1.6.869. Affected is an unknown function. Such manipulation leads to out-of-bounds read. This vulnerability is listed as CVE-2025-71264. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is advised.

A vulnerability classified as critical has been found in thermalright TR-VISION HOME up to 2.0.4 on Windows. This impacts an unknown function. This manipulation causes inclusion of functionality from untrusted control sphere. This vulnerability is tracked as CVE-2026-4255. The attack is restricted to local execution. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability described as critical has been identified in OpenHarmony up to 5.1.0.x. This affects an unknown function of the component Pre-installed Apps. The manipulation results in out-of-bounds write. This vulnerability is identified as CVE-2025-52458. The attack is only possible with local access. There is not any exploit available.

A vulnerability marked as critical has been reported in OpenHarmony up to 5.1.0.x. The impacted element is an unknown function of the component Pre-installed Apps. The manipulation leads to out-of-bounds write. This vulnerability is referenced as CVE-2025-41432. The attack can only be performed from a local environment. No exploit is available.

A vulnerability labeled as problematic has been found in OpenHarmony up to 5.1.0.x. The affected element is an unknown function. Executing a manipulation can lead to type confusion. The identification of this vulnerability is CVE-2025-25277. The attack can only be executed locally. There is no exploit available.

A vulnerability identified as critical has been detected in GROWI up to 7.4.5. Impacted is an unknown function of the component OpenAI API Endpoint. Performing a manipulation results in missing authorization. This vulnerability was named CVE-2026-25083. The attack may be initiated remotely. There is no available exploit.

嗯，用户让我用中文总结一下这篇文章，控制在一百个字以内，而且不需要用“文章内容总结”这样的开头。直接写描述就行。 首先，我需要通读整篇文章，抓住主要内容。文章主要讲的是Geordie AI这家公司入围了RSA Conference 2026的创新沙盒竞赛。他们专注于AI Agent的安全与治理，提供一个平台来监控和管理企业内部的AI智能体。 接下来，我需要提取关键信息：公司名称、入围比赛、专注领域、产品功能等。然后把这些信息浓缩到100字以内，同时保持语句通顺。 可能会遇到的问题是如何在有限的字数内涵盖所有重要点。比如，公司背景、产品功能、行业影响等。需要选择最重要的部分来突出。 最后，检查一下是否符合用户的要求：中文、100字以内、直接描述内容。确保没有遗漏关键信息，并且表达清晰。 Geordie AI 是一家专注于 AI Agent 安全与治理的网络安全初创公司，其平台能够实时发现、监控和管理企业内部部署的 AI 智能体行为与风险，帮助企业应对 AI Agent 带来的新型安全挑战。该公司入围 RSA Conference 2026 创新沙盒竞赛决赛，并展示了其在 AI 安全领域的创新技术与解决方案。

The Iranian syndicate designated “Handala Hack”—a collective inextricably intertwined with the Void Manticore cluster and the Iranian Ministry

The post Manual Malice: How Handala Hack Weaponizes AI Wipers and NetBird for Rapid Network Annihilation appeared first on Penetration Testing Tools.

A vulnerability categorized as problematic has been discovered in libexif up to 0.6.25. This issue affects the function exif_mnote_data_get_value of the component MakerNotes Decoder. Such manipulation leads to integer underflow. This vulnerability is uniquely identified as CVE-2026-32775. Local access is required to approach this attack. No exploit exists.

嗯，用户让我总结这篇文章的内容，控制在一百个字以内，而且不需要特定的开头。首先，我需要通读整篇文章，抓住主要信息。 文章主要讲述了一个名为cornelslop的Linux内核漏洞挑战。作者和团队在DiceCTF 2026预选赛中获得了第一名。他们利用了一个竞态条件漏洞，导致双重释放，并通过精心设计的利用链实现了权限提升。 关键点包括：漏洞分析、利用开发、最终的漏洞利用。作者详细描述了如何通过MADV_DONTNEED和mprotect来扩大竞态窗口，以及如何跨CPU分配和释放内存来绕过限制。 最终，他们通过PTE重叠将页面表UAF转换为任意文件写入，成功获取了root权限。文章展示了复杂的内核漏洞利用过程。 这篇文章描述了一个Linux内核漏洞挑战cornelslop的解决过程。作者通过分析发现了一个竞态条件漏洞，并利用该漏洞实现了双重释放。通过扩大竞态窗口、跨CPU攻击和PTE重叠技术，最终实现了权限提升并获得了flag。

In the latter half of 2025, the globe endured in excess of 8 million DDoS incursions. Yet, beneath

The post The 30 Tbps Barrier: How AI-Powered Botnets Shattered DDoS Records in Late 2025 appeared first on Penetration Testing Tools.

WordPress has unveiled a novel paradigm for engaging with its platform: the my.WordPress.net service, an innovation that empowers

The post Zero Hosting, Zero Setup: The Rise of the Browser-Native WordPress Revolution appeared first on Penetration Testing Tools.

A set of nine novel cross-tenant vulnerabilities in Google Looker Studio, collectively dubbed “LeakyLooker,” that could have allowed attackers to run arbitrary SQL queries, exfiltrate sensitive data, and even modify or delete records across Google Cloud environments, all without victims granting explicit permission. Google has since fully remediated all identified issues following responsible disclosure. Google […]

The post Google Looker Studio Vulnerabilities Allow Attackers to Exfiltrate Data from Google Services appeared first on Cyber Security News.

Хакеры решили, что если добавить в название домена умное слово, то никто ничего не заметит.

An international law enforcement operation has taken down more than 45,000 malicious IP addresses and servers linked to phishing, malware, and ransomware activity. The action was carried out as part of Operation Synergia III, an investigation that ran from July 18, 2025 to January 31, 2026. According to INTERPOL, the operation resulted in 94 arrests, while 110 additional suspects remain under investigation. Authorities also seized 212 electronic devices and servers linked to the criminal networks. … More →

The post 45,000 malicious IP addresses taken down, 94 suspects arrested appeared first on Help Net Security.

JSOC IT has announced the launch of AUTOPSY, a security verification platform that investigates an organization’s security stack through live API integrations before a breach occurs, rather than after one forces the conversation. The platform’s flagship product, READY, is a security assessment that replaces self-reported questionnaires with API-verified telemetry across an organization’s security stack, including endpoint detection, identity and access management, backup and recovery, vulnerability management, and more than 24 integrated security platforms. The launch … More →

The post JSOC IT’s AUTOPSY platform puts security stacks under live API verification appeared first on Help Net Security.

路透发表了一篇调查报告，分析了匿名英国涂鸦艺术家 Banksy 的身份。2022 年 11 月，Banksy 在乌克兰基辅的一处被炸村庄墙壁上制作了涂鸦，当地居民看到了涂鸦者。路透记者对此展开了调查，发现了 Banksy 本人多年前亲笔写下的一份认罪书，承认行为不检的轻罪指控，这份文件揭露了他的真实身份。但 Banksy 的律师督促记者不要公开 Banksy 的身份，称会侵犯艺术家的隐私，干扰他艺术创作，危及他的安全，且会损害公众利益。律师称，“匿名或使用笔名进行创作符合重要的社会利益。它保护了言论自由，使创作者能畅所欲言的向权力说出真话，不必担心遭到报复、审查或迫害——尤其是在涉及政治、宗教或社会正义等敏感问题时。”

Researchers found nine “CrackArmor” flaws in Linux AppArmor that could let unprivileged users bypass protections, gain root privileges, and weaken container isolation. Qualys researchers disclosed nine vulnerabilities, collectively tracked as CrackArmor, in the Linux kernel’s AppArmor module. The flaws have existed since 2017 and could allow unprivileged users to bypass protections, escalate privileges to root, […]

嗯，用户让我帮忙总结一下这篇文章的内容，控制在100个字以内，而且不需要用“文章内容总结”或者“这篇文章”这样的开头。直接写描述就行。 首先，我需要快速浏览文章内容。看起来是关于Linux AppArmor的一个安全漏洞，叫做CrackArmor。研究人员发现了九个漏洞，这些漏洞可以让无权限的用户绕过保护机制，获得root权限，甚至影响容器隔离。 接下来，我需要提取关键信息：AppArmor是什么？它是一个Linux的安全模块，用于强制执行行为规则，保护系统免受已知和未知威胁的攻击。这个模块从Linux内核2.6.36开始就有，并且由Canonical支持开发。 然后是漏洞的影响：这些漏洞存在了六年之久，影响超过1260万个Linux系统。攻击者可以利用这些漏洞进行权限提升、代码执行或拒绝服务攻击。研究人员已经开发了概念验证的exploit，但没有公开发布以减少风险。 最后是建议：没有CVE编号，但强烈建议立即修补Linux内核。这些漏洞可能被国家资助的黑客利用，因此修补和监控至关重要。 现在我要把这些信息浓缩到100字以内。要包括AppArmor的作用、CrackArmor漏洞的数量、影响范围、攻击者的能力以及建议的补救措施。 可能的结构：研究人员发现AppArmor中的九个CrackArmor漏洞，允许无权限用户绕过保护机制、提升权限至root，并削弱容器隔离。这些漏洞影响超过1260万个系统，建议立即修补内核以缓解风险。 检查字数是否在限制内，并确保信息准确且完整。 研究人员发现Linux AppArmor中的九个“CrackArmor”漏洞（存在六年），允许无特权用户绕过安全保护、提升权限至root并削弱容器隔离。这些漏洞影响超过1260万个系统，建议立即修补内核以缓解风险。