FreeBuf 早报 | Chrome零日漏洞遭利用;新Windows零日漏洞泄露NTLM哈希值
Chrome 浏览器的零日漏洞正被复杂的威胁行为者积极利用,漏洞编号为 CVE-2025-2783。
Aggregator
WordPress 插件漏洞使超20万个网站面临代码执行攻击威胁
5 months ago
安全客
ETSI Publishes New Quantum-Safe Encryption Standards
5 months ago
Standards body ETSI has defined a scheme for key encapsulation mechanisms with access control (KEMAC), enabling quantum-secure encryption
全球狂卖 427 万辆,比亚迪给友商上了一堂「成本课」
5 months ago
最狠财报,没有之一。
Google Hastily Patches Chrome Zero-Day Exploited by APT
5 months ago
Researchers at Kaspersky discovered cyber-espionage activity that used the vulnerability in a one-click phishing attack to deliver malware.
Elizabeth Montalbano, Contributing Writer
Sparring in the Cyber Ring: Using Automated Pentesting to Build Resilience
5 months ago
“A boxer derives the greatest advantage from his sparring partner…”
— Epictetus, 50–135 AD
Hands up. Chin tucked. Knees bent. The bell rings, and both boxers meet in the center and circle. Red throws out three jabs, feints a fourth, and—BANG—lands a right hand on Blue down the center.
This wasn’t Blue’s first day and despite his solid defense in front of the mirror, he feels the pressure.
The Hacker News
Ingress NGINX 现远程代码执行漏洞,攻击者或借此全面接管集群
5 months ago
安全客
Windows, ты уволен: ЕС создаёт защищенную операционку для чиновников
5 months ago
Госструктуры Европы всеми силами показывают, что справятся и без США?
本地部署AI信息安全框架:保障AI系统安全的关键举措
5 months ago
dewei吴彦祖
CVE-2025-2783 | Google Chrome up to 134.0.6998.117 on Windows Mojo Remote Code Execution (Nessus ID 233331)
5 months ago
A vulnerability, which was classified as critical, has been found in Google Chrome on Windows. Affected by this issue is some unknown functionality of the component Mojo. The manipulation leads to Remote Code Execution.
This vulnerability is handled as CVE-2025-2783. The attack may be launched remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-2596 | Checkmk up to 2.1.0p50/2.2.0p40/2.4.0b1 session expiration
5 months ago
A vulnerability classified as problematic was found in Checkmk up to 2.1.0p50/2.2.0p40/2.4.0b1. Affected by this vulnerability is an unknown functionality. The manipulation leads to session expiration.
This vulnerability is known as CVE-2025-2596. The attack can be launched remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks
5 months ago
Google has released out-of-band fixes to address a high-severity security flaw in its Chrome browser for Windows that has been exploited in the wild as part of attacks targeting organizations in Russia.
The vulnerability, tracked as CVE-2025-2783 (CVSS score: 8.3), has been described as a case of "incorrect handle provided in unspecified circumstances in Mojo on Windows." Mojo
The Hacker News
Троян в консоли Windows: поддельные пути стали инструментом взлома
5 months ago
Хакеры Water Gamayun создали идеальную маскировку c помощью MSC-файлов.
【安全圈】国际刑警“红牌行动”收获:非洲多国联手破获特大跨国网络犯罪集团
5 months ago
关键词网络犯罪2024年11月至2025年2月,国际刑警组织发起代号为“红牌行动”的跨境执法行动,成功在非洲七
【安全圈】Cloudflare R2服务中断事件:密码轮换错误引发全球故障
5 months ago
关键词cloud flareCloudflare近日宣布,其R2对象存储及相关服务发生了一次持续1小时7分钟的
【安全圈】Cloudflare推出AI迷宫用于应对AI爬虫,以AI治AI师夷长技以制夷
5 months ago
关键词网络安全Cloudflare于2025年3月19日发布创新性防御工具"AI迷宫"(AI Labyrint
【安全圈】谷歌Chrome在线安装程序出现错误导致Windows 10/11安装都提示无法运行
5 months ago
关键词chrome作为全球用户规模最大的浏览器,谷歌Chrome近期因在线安装程序的技术故障引发广泛关注。
慢雾:深入探讨 EIP-7702 与最佳实践
5 months ago
本文围绕以太坊即将到来的 Pectra 升级中的 EIP-7702 提案展开探讨。
慢雾:深入探讨 EIP-7702 与最佳实践
5 months ago
本文围绕以太坊即将到来的 Pectra 升级中的 EIP-7702 提案展开探讨。
慢雾:深入探讨 EIP-7702 与最佳实践
5 months ago
本文围绕以太坊即将到来的 Pectra 升级中的 EIP-7702 提案展开探讨。