Aggregator

作者写过三本书，这是第三本

Sophos X-Ops researchers have identified over 140 GitHub repositories laced with malicious backdoors, orchestrated by a single threat actor associated with the email address ischhfd83[at]rambler[.]ru. Initially sparked by a customer inquiry into the Sakura RAT, a supposed open-source malware touted for its “sophisticated anti-detection capabilities,” the investigation revealed a much broader and more insidious campaign. […]

The post Hundreds of Malicious GitHub Repos Targeting Novice Cybercriminals Traced to Single User appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

基于判别指令微调生成式大语言模型的知识图谱补全方法 by ourren

IP也有“身份”：揭秘IP背后隐藏的组织真相 by ourren

基于大模型的威胁情报分析与知识图谱构建 by ourren

证券公司互联网终端一体化安全实践探索 by ourren

更多最新文章，请访问SecWiki

全球特定国家2025.6.6动态。

Nodes can bypass dynamic resource allocation authorization checks

A newly identified social engineering attack dubbed “ClickFix” has emerged as a significant threat, leveraging meticulously crafted fake Cloudflare verification pages to trick users into executing malicious code on their devices. This phishing tactic, disguised as a routine security check, exploits the familiarity of Cloudflare’s Turnstile CAPTCHA interface to deceive users into running hidden PowerShell […]

The post ClickFix Attack Uses Fake Cloudflare Verification to Silently Deploy Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Healthcare giant Kettering Health, which manages 14 medical centers in Ohio, confirmed that the Interlock ransomware group breached its network and stole data in a May cyberattack. [...]

A vulnerability has been found in Kunbus Revolution Pi Webstatus up to 2.4.5 and classified as very critical. This vulnerability affects unknown code. The manipulation leads to incorrect type conversion. This vulnerability was named CVE-2025-41646. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.14.7. This affects the function io_uring_show_fdinfo. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2025-38002. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.15.0. Affected by this issue is some unknown functionality of the component net_sched. The manipulation of the argument cl_nactive leads to infinite loop. This vulnerability is handled as CVE-2025-38001. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

DragonForce, a ransomware group first identified in fall 2023, has claimed over 120 victims in the past year, marking its rapid ascent as a formidable player in the ransomware ecosystem. Initially operating under a Ransomware-as-a-Service (RaaS) model, DragonForce has since pivoted to a ransomware cartel structure, as announced in March 2025 on its data leak […]

The post DragonForce Ransomware Reportedly Compromised Over 120 Victims in the Past Year appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.