Aggregator

CVE-2024-30090通过竞争条件（Race Condition）巧妙绕过权限检查机制。

VEH异常调用链控制程序流程原理及分析

WMCTF2025 Web部分题解

操作PEB（进程环境块）和EAT（导出地址表），我们可以实现隐蔽和API绕过

项目地址 https://github.com/DERE-ad2001/Frida-Labs

N1CTF Junior re pyramid

本文介绍了一种通过动态获取SSN和系统调用地址实现间接系统调用的方法，利用汇编跳转绕过API Hook，提升对抗EDR/AV的能力。

COS提权与利用解密脚本下面 xor 后的三个结果分别是 ak，sk，session token，配置下 secretid 和 secretkey（开了几次环境，所以下面ak和sk可能会有变化）token 需要手动去配置下后续发现很多命令有问题，还是用 aws 吧先看下当前用户，这里报错是因为腾讯云 STS API 不是 S3 协议兼容的，而是走的 TC3-HMAC-SHA256 签名体系可以用

前几天都在研究高版本的fastjson，都知道高版本的fastjson对于@type多了非常多的限制，导致反序列化漏洞越来越难，特别是白名单让漏洞更难利用，不过需要探测 fastjson 是作为打入的第一道关卡，探测的手法也多种多样，下面来分析一个畸形 payload ，不符合 json 格式但是任然能够解析

话说你真的了解jsp webshell吗？他能变成java你敢信？jsp实际解析的过程是一个变成java文件的过程，在整个过程中有很多的小点让webshell有了可乘之机

Теперь придётся заклеивать не только веб-камеру, но и оптический сенсор мыши…

Threat actors exploited a Zimbra zero-day via malicious iCalendar (.ICS) files used to deliver attacks through calendar attachments. StrikeReady researchers discovered that threat actors exploited the vulnerability CVE-2025-27915 in Zimbra Collaboration Suite in zero-day attacks using malicious iCalendar (.ICS) files. These files, used to share calendar data, were weaponized to deliver JavaScript payloads to targeted […]

Zimbra Collaboration Suite存在零日漏洞CVE-2025-27915，攻击者利用恶意iCalendar文件发起攻击。该漏洞为存储型XSS，通过未正确清理HTML代码引发。攻击者利用事件执行JavaScript，窃取凭证、邮件数据并重定向邮件。研究人员发现攻击者使用多种技术隐藏行为，并将数据上传至特定服务器。此漏洞影响Zimbra 9.0至10.1版本。

A critical use-after-free vulnerability, identified as CVE-2025-49844, has been discovered in Redis servers, enabling authenticated attackers to achieve remote code execution. This high-severity flaw affects all versions of Redis that utilize the Lua scripting engine, presenting a significant threat to a wide range of deployments that rely on the popular in-memory data store. The core […]

The post Redis Server Vulnerability use-after-free Vulnerability Enables Remote Code Execution appeared first on Cyber Security News.

Modern ransomware operations have evolved far beyond simple opportunistic attacks into sophisticated, multi-stage campaigns that exploit legitimate Remote Access Tools (RATs) to maintain stealth and persistence while systematically dismantling organizational defenses. Ransomware is one of the most disruptive cyber threats, encrypting critical organizational data and demanding ransom payments for restoration. While early campaigns relied on […]

The post Ransomware Gangs Exploit Remote Access Tools to Stay Hidden and Maintain Control appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Как хакеры могут "прокачать" вашу любимую игру вирусом.

A sophisticated technique uncovered where threat actors abuse Amazon Web Services‘ X-Ray distributed tracing service to establish covert command and control (C2) communications, demonstrating how legitimate cloud infrastructure can be weaponized for malicious purposes. AWS X-Ray, designed to help developers analyze application performance through distributed tracing, has been repurposed by red team researchers into a […]

The post Hackers Weaponize AWS X-Ray Service to Work as Covert Command & Control Server appeared first on Cyber Security News.

习近平总书记提出，“要加强人工智能同保障和改善民生的结合，从保障和改善民生、为人民创造美好生活的需要出发，推动人工智能在人们日常工作、学习、生活中的深度运用，创造更加智能的工作方式和生活方式”。

《框架》2.0版在前一版本的基础上，梳理调整了风险分类，探索提出分级治理原则，强化全生命周期技术治理手段，标志着我国人工智能治理理念从“初步确立”迈向“体系升级”，为推动人工智能在安全可控前提下健康发展提供了制度保障和战略引领。

短信息服务与社会生产生活、人民群众切身利益息息相关，特别是随着经济社会的不断发展，短信息服务在电信、金融、互联网等领域发挥着越来越重要的作用。