Aggregator

A vulnerability, which was classified as critical, was found in Circulargenius Flat Calendar 1.1. Affected is the function Admin of the file calAdd.php. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2008-6736. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

HackerNews 编译，转载请注明出处： 安全研究团队Neural Trust发现名为“Echo Chamber”（回音室）的新型大语言模型（LLM）越狱攻击技术。该技术通过渐进式语义污染与上下文操控，可突破主流AI模型的防护机制，诱导模型生成违禁内容。Neural Trust研究员Ahmad Alobaid在测试中偶然发现此漏洞：“我最初以为系统出错，但持续测试后发现LLM竟如此容易被操控”。 攻击核心原理 三阶段渗透 种子植入：首轮对话嵌入无害但具导向性的语义种子（如“撰写信息控制失败案例研究”），规避内容过滤机制。 引导强化：通过多轮看似中立的追问（如“请重述重点”），诱导模型逐步复述并扩展敏感概念，形成自我强化的语义闭环。 边界突破：当模型在“绿区”（允许内容）积累足够多被污染的上下文后，其内部状态逐渐接受本应被拦截的语义关联，最终生成违禁内容（如武器制作指南）。 与传统攻击差异 区别于微软披露的”Crescendo”攻击（直接引导敏感回答），Echo Chamber利用模型自解释特性，让AI主动构建危险内容框架。 攻击全程避免触发“红区”（如直接提及“炸弹”），仅使用“鸡尾酒”等合法词汇分散组合，使防护系统难以识别意图。 实测威胁数据 成功率：在GPT-4o、Gemini 2.0等模型测试中，生成性别歧视/暴力内容成功率超90%，虚假信息达80%。 效率：平均2-3轮对话即可完成越狱，部分案例仅需单次交互。 低成本性：无需技术背景，攻击者仅需掌握基础对话技巧即可实施。 行业影响与挑战 防御机制失效 传统关键词过滤与单轮提示检测完全失效，因攻击依赖模型自身的上下文记忆与逻辑推演能力。 新型防护方向 Neural Trust建议采用动态上下文可信评估（如语义一致性检测）、设定上下文记忆窗口限制（防止污染延续），这与微软“提示词防护盾”、Anthropic“宪法分类器”的防御思路形成呼应。 研究员警告 Neural Trust安全主管Rodrigo Fernández强调：“该技术可能被大规模用于生成虚假信息、仇恨言论及犯罪指导，全球AI服务商需立即升级防护体系”。       消息来源： securityweek； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

HackerNews 编译，转载请注明出处： 根据进攻性安全公司Cobalt的最新报告，约半数（48%）的安全专业人员认为需要对生成式AI部署实施“战略暂停”，以重新校准防御措施。调查显示，绝大多数（94%）的安全负责人和从业者观察到过去12个月内其所在行业的生成式AI采用率显著提升。令人担忧的是，36%的受访者承认生成式AI部署速度已超出其团队管理能力范围。 尽管许多安全专家呼吁暂停部署，Cobalt首席技术官Gunter Ollmann警告此举并不现实：“威胁行为体不会坐等，安全团队同样不能。研究表明生成式AI在重塑工作方式的同时，也在改写风险规则。安全基础必须同步演进，否则我们将在过时的安全措施上构建未来的创新。” 生成式AI主要安全漏洞 约四分之三（72%）的安全从业者将生成式AI列为首要IT风险。受访者指出的主要风险集中于数据安全与准确性：敏感信息泄露（46%）、数据模型投毒与窃取（42%）、数据不准确（40%）及训练数据泄露（37%）位列前四。尽管风险高企，33%的安全团队未对其大语言模型（LLM）部署实施定期渗透测试等安全评估。 Cobalt自2022年开展LLM测试以来的评估显示，生成式AI工具中约32%的漏洞属于高风险类别，这是所有资产类型中高危漏洞占比最高的领域。其中仅21%的高危漏洞得到修复，修复率在所有渗透测试类型中最低。传统Web漏洞在生成式AI系统中依然突出：SQL注入（19.4%）和存储型XSS（9.7%）占比最高，这表明部署LLM应用时仍需遵循严格的输入验证、安全编码和系统配置等基础安全实践。 渗透测试还发现多类LLM特有漏洞： • 诱导生成不当内容：通过精心设计的输入提示绕过内容过滤器 • 诱导泄露敏感数据：利用提示注入技术使LLM泄露个人身份信息等数据 • 模型拒绝服务攻击：通过API发送大量复杂查询导致服务中断 • 越权操作：通过精细化交互使LLM执行超出权限范围的操作 报告强调：“这些案例证明，发现涉及复杂提示操纵的LLM特有漏洞需要高水平人工专业能力和创新测试方法。”       消息来源： infosecurity-magazine； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

​四年亏损 82 亿元。

A vulnerability classified as critical was found in Microsoft Office, Visio and Project 2003. Affected by this vulnerability is an unknown functionality of the component Korean Input Method Editor. The manipulation leads to improper access controls. This vulnerability is known as CVE-2006-0008. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Microsoft Windows Server 2003/XP. It has been rated as critical. This issue affects some unknown processing of the component Web Client Service. The manipulation as part of WebDav Request leads to memory corruption. The identification of this vulnerability is CVE-2006-0013. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in Microsoft Outlook Express 5.5/6.0. Affected is an unknown function of the component Windows Address Book File Parser. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2006-0014. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical has been found in Microsoft Windows 2000/Server 2003/XP. Affected is an unknown function of the component Web Fonts. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2006-0010. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, has been found in KDE. Affected by this issue is some unknown functionality. The manipulation leads to heap-based buffer overflow. This vulnerability is handled as CVE-2006-0019. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in COROS PACE 3 up to 3.0808.0. Affected by this issue is some unknown functionality of the component BLE Legacy Pairing. The manipulation leads to predictable seed in pseudo-random number generator (prng). This vulnerability is handled as CVE-2025-32876. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability was found in COROS PACE 3 up to 3.0808.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Just Works Pairing. The manipulation leads to improper authentication. This vulnerability is known as CVE-2025-32877. Access to the local network is required for this attack. There is no exploit available.

A vulnerability was found in COROS PACE 3 up to 3.0808.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component WLAN. The manipulation leads to cleartext transmission of sensitive information. This vulnerability is handled as CVE-2025-32880. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in CloudClassroom-PHP-Project 1.0. It has been classified as critical. This affects an unknown part of the file askquery.php. The manipulation of the argument squeryx leads to sql injection. This vulnerability is uniquely identified as CVE-2025-46179. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as problematic has been found in brplot 420.69.1. This affects the function br_dagens_handle_once. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2025-45331. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /bwdates-report-ds.php. The manipulation of the argument testtype leads to sql injection. This vulnerability is known as CVE-2025-6156. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in H3C NR1200W, ER8300G2-X, GR8300, GR-1800AX, GR-3000AX and GR-5400AX. It has been classified as critical. This affects an unknown part. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2025-44635. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in HotelDruid 3.0.7. This issue affects some unknown processing of the file creadb.php. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2025-44203. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in xxyopen/201206030 novel-plus up to 5.0.x. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation of the argument filePath leads to path traversal. This vulnerability is handled as CVE-2025-45890. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Campcodes Online Teacher Record Management System 1.0. Affected is an unknown function of the file /admin/search.php. The manipulation of the argument searchdata leads to sql injection. This vulnerability is traded as CVE-2025-6404. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registered-user-testing.php. The manipulation of the argument testtype leads to sql injection. This vulnerability is handled as CVE-2025-6157. The attack may be launched remotely. Furthermore, there is an exploit available.