漏洞通告 | Smartbi 远程代码执行漏洞
立即查看详情 →
Aggregator
CVE-2025-45582 | GNU Tar up to 1.35 TAR Archive path traversal (EUVD-2025-21178)
2 days 22 hours ago
A vulnerability marked as problematic has been reported in GNU Tar up to 1.35. This affects an unknown function of the component TAR Archive Handler. This manipulation causes path traversal: '../filedir'.
The identification of this vulnerability is CVE-2025-45582. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
微软最新更新可能会导致硬盘故障
2 days 22 hours ago
微软本月释出的例行安全更新据报道可能会导致硬盘故障。存在问题的更新是提供给 Windows 11 和 10 ISO 镜像的 Defender 安全更新,该更新旨在遏制 Lamma,适用于 Windows 10(KB5063709 / KB5063877 / KB5063871 / KB5063889)和 Windows 11(KB5063878、KB5063875)。其中 Windows 11 24H2 KB5063878 安装时会返回 0x80240069 错误代码。除此之外,据日本用户报告它导致了存储故障,掉盘,操作系统无法读取相应的 SMART 信息。重启后相关硬盘会暂时重现,但很快又发生相同故障。
CVE-2025-36106 | IBM Cognos Analytics Mobile up to 1.1.22 on iOS inadequate encryption (EUVD-2025-22137)
2 days 22 hours ago
A vulnerability categorized as problematic has been discovered in IBM Cognos Analytics Mobile up to 1.1.22 on iOS. Affected by this issue is some unknown functionality. Executing manipulation can lead to inadequate encryption strength.
The identification of this vulnerability is CVE-2025-36106. The attack may be launched remotely. There is no exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2025-36062 | IBM Cognos Analytics Mobile up to 1.1.22 on iOS missing encryption (EUVD-2025-22135)
2 days 22 hours ago
A vulnerability has been found in IBM Cognos Analytics Mobile up to 1.1.22 on iOS and classified as problematic. Affected is an unknown function. This manipulation causes missing encryption of sensitive data.
This vulnerability appears as CVE-2025-36062. The attack may be initiated remotely. There is no available exploit.
The affected component should be upgraded.
vuldb.com
CVE-2025-36107 | IBM Cognos Analytics Mobile up to 1.1.22 on iOS cleartext transmission (EUVD-2025-22133)
2 days 22 hours ago
A vulnerability was found in IBM Cognos Analytics Mobile up to 1.1.22 on iOS and classified as problematic. Affected by this vulnerability is an unknown functionality. Such manipulation leads to cleartext transmission of sensitive information.
This vulnerability is traded as CVE-2025-36107. The attack may be launched remotely. There is no exploit available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2025-3631 | IBM MQ/MQ Appliance up to 9.3.5.1 CD/9.4.0.11 LTS/9.4.2.1 CD use after free (EUVD-2025-21175)
2 days 22 hours ago
A vulnerability identified as critical has been detected in IBM MQ and MQ Appliance up to 9.3.5.1 CD/9.4.0.11 LTS/9.4.2.1 CD. Affected by this issue is some unknown functionality. Performing manipulation results in use after free.
This vulnerability is known as CVE-2025-3631. Remote exploitation of the attack is possible. No exploit is available.
You should upgrade the affected component.
vuldb.com
国内甲方欠缺的先进攻防理念 | 攻击者也有老板和预算
2 days 22 hours ago
攻击者也有老板和预算
CVE-2025-38370 | Linux Kernel up to 6.15.5/6.16-rc4 btrfs free-space-tree.c btrfs_end_transaction allocation of resources (WID-SEC-2025-1653)
2 days 22 hours ago
A vulnerability has been found in Linux Kernel up to 6.15.5/6.16-rc4 and classified as problematic. Affected is the function btrfs_end_transaction of the file fs/btrfs/free-space-tree.c of the component btrfs. This manipulation causes allocation of resources.
This vulnerability is registered as CVE-2025-38370. The attack requires access to the local network. No exploit is available.
The affected component should be upgraded.
vuldb.com
CVE-2025-38369 | Linux Kernel up to 6.6.95/6.12.35/6.15.4 dmaengine /dev destroy_workqueue denial of service (WID-SEC-2025-1653)
2 days 22 hours ago
A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.6.95/6.12.35/6.15.4. Affected by this issue is the function destroy_workqueue of the file /dev of the component dmaengine. Such manipulation leads to denial of service.
This vulnerability is listed as CVE-2025-38369. The attack must be carried out from within the local network. There is no available exploit.
You should upgrade the affected component.
vuldb.com
CVE-2025-38368 | Linux Kernel up to 6.6.95/6.12.35/6.15.4 misc ice_ptp.c tps6594_pfsm_probe null pointer dereference (WID-SEC-2025-1653)
2 days 22 hours ago
A vulnerability was found in Linux Kernel up to 6.6.95/6.12.35/6.15.4. It has been rated as critical. Affected by this vulnerability is the function tps6594_pfsm_probe of the file ice_ptp.c of the component Misc. Performing manipulation results in null pointer dereference.
This vulnerability is known as CVE-2025-38368. Access to the local network is required for this attack. No exploit is available.
Upgrading the affected component is advised.
vuldb.com
Ransomware Allegations Surface as Colt Outages Continue
2 days 22 hours ago
Support Portals Offline as Ransomware Gang Claims It Stole Data
British-based multinational telecom Colt Technology Services said a "cyber incident" is responsible for days-long disruptions to its customer portal and support services. The WarLock ransomware operation took responsibility for the hack, asserting it stole "1 million documents."
British-based multinational telecom Colt Technology Services said a "cyber incident" is responsible for days-long disruptions to its customer portal and support services. The WarLock ransomware operation took responsibility for the hack, asserting it stole "1 million documents."
【技巧】使用 Java proxyee 库实现HTTP流量记录的一些问题
2 days 22 hours ago
Java实现流量记录的一些问题
Bridging the AI model governance gap: Key findings for CISOs
2 days 22 hours ago
While most organizations understand the need for strong AI model governance, many are still struggling to close gaps that could slow adoption and increase risk. The findings of a new Anaconda survey of more than 300 AI practitioners and decision-makers highlight security concerns in open-source tools, inconsistent model monitoring, and the operational challenges caused by fragmented AI toolchains. Security concerns remain high despite validation Open-source software is central to AI development, but it brings supply … More →
The post Bridging the AI model governance gap: Key findings for CISOs appeared first on Help Net Security.
Anamarija Pogorelec
Новый инструмент для Windows 11 позволяет обойти Kernel Patch Protection
2 days 22 hours ago
Инструмент Kurasagi ставит под сомнение надежность Windows.
The Tea App Hack: How a “Safe” Space Leaked 13,000 ID Photos & 1.1M Messages
2 days 22 hours ago
In this episode we’re discussing the alarming breach of the Tea app, a platform intended for women to share dating experiences. The hack resulted in the exposure of over 13,000 government ID photos, 72,000 user images, and over a million private messages due to poor security practices. We’ll discuss the role of sloppy coding, an […]
The post The Tea App Hack: How a “Safe” Space Leaked 13,000 ID Photos & 1.1M Messages appeared first on Shared Security Podcast.
The post The Tea App Hack: How a “Safe” Space Leaked 13,000 ID Photos & 1.1M Messages appeared first on Security Boulevard.
Tom Eston
WinRAR零日漏洞攻击的分析详解
2 days 22 hours ago
研究人员发布了一份报告,详细阐述了俄罗斯RomCom黑客组织如何利用近期被追踪为CVE-2025-8088的WinRAR路径遍历漏洞,在零日攻击中投放不同的恶意软件有效载荷。
RomCom(又称Storm-0978和Tropical Scorpius)是一个俄罗斯网络间谍威胁组织,擅长利用零日漏洞进行网络攻击,涉及Firefox(CVE-2024-9680、CVE-2024-49039)和微软Office(CVE-2023-36884)等软件。
2025年7月18日,ESET发现RomCom正在利用WinRAR中一个未公开的路径遍历零日漏洞,并通知了这款热门压缩工具的开发团队。
ESET本周发布的新报告解释道:“通过对漏洞利用程序的分析,我们发现了这一漏洞并定为CVE-2025-8088的编号,这是一个借助备用数据流实现的路径遍历漏洞。WinRAR已于2025年7月30日发布了修复版本。”
2025年7月30日,WinRAR发布了针对该漏洞(编号CVE-2025-8088)的修复程序,版本为7.13。不过,随附的公告中并未提及该漏洞存在被主动利用的情况。据悉,当用户打开特制的压缩包时,该漏洞会被用于将危险的可执行文件提取到自动运行路径。
该漏洞与一个月前披露的另一个WinRAR路径遍历漏洞(追踪编号CVE-2025-6218)相似。
ESET的报告称,恶意的RAR压缩包包含多个隐藏的ADS(备用数据流)有效载荷,这些载荷用于隐藏恶意的DLL文件和Windows快捷方式,当目标用户打开压缩包时,这些文件会被提取到攻击者指定的文件夹中。
许多ADS条目指向无效路径,ESET认为,这些条目是被故意添加的,目的是生成看似无害的WinRAR警告,同时隐藏文件列表深处存在的恶意DLL、EXE和LNK文件路径。
恶意RAR存档(顶部)和解压过程中的错误(底部)
可执行文件被放置在%TEMP%或%LOCALAPPDATA%目录中,而Windows快捷方式(LNK文件)则被放入Windows启动目录,以便在用户后续登录时执行。
ESET记录了三条不同的攻击链,均会投放RomCom组织已知的恶意软件家族:
·Mythic Agent:Updater.lnk会将msedge.dll添加到一个COM劫持注册表位置,该文件会解密AES shellcode,且仅当系统域与硬编码的值匹配时才会运行。该shellcode会启动Mythic代理,从而实现命令与控制通信、命令执行以及有效载荷投放。
·SnipBot:Display Settings.lnk会运行ApbxHelper.exe,这是一个经过修改的PuTTY CAC,带有无效证书。它会先检查是否有不少于69个最近打开的文档,之后再解密shellcode,从攻击者的服务器下载额外的有效载荷。
·MeltingClaw:Settings.lnk会启动Complaint.exe(即RustyClaw),该程序会下载一个MeltingClaw DLL,进而从攻击者的基础设施获取并执行更多恶意模块。
Mythic Agent感染链
俄罗斯网络安全公司Bi.Zone也报告称,他们观察到一个单独的活动群,被其追踪为“Paper Werewolf”,该集群在攻击中同样利用了CVE-2025-8088和CVE-2025-6218这两个漏洞。
目前,ESET已在其GitHub仓库中分享了RomCom组织最新攻击的完整入侵指标。
尽管微软在2023年为Windows系统添加了原生的RAR支持功能,但该功能仅在较新的版本中可用,且其功能远不如WinRAR全面。因此,许多高级用户和组织仍依赖WinRAR来管理压缩文件,这使其成为黑客的主要攻击目标。
RarLab表示,他们并不了解CVE-2025-8088漏洞被利用的具体细节,也没有收到任何用户报告,ESET仅向他们分享了开发补丁所需的技术信息。WinRAR没有自动更新功能,因此用户需要从官网手动下载并安装最新版本。
胡金鱼
WinRAR零日漏洞攻击的分析详解
2 days 22 hours ago
WinRAR被发现零日漏洞CVE-2025-8088,RomCom组织利用该漏洞通过恶意压缩包投放恶意软件。漏洞利用路径遍历和备用数据流隐藏有效载荷,并在用户打开压缩包时提取到指定路径执行。ESET已发布修复版本,并详细分析了攻击链。
研究了200天LLM,越权漏洞检测准确率才提升这点点?
2 days 22 hours ago
越权漏洞检测准确率如何提升?看看字节安全团队的实践
Merlin Agent木马破绽:内存密钥暴露与加密流量破解全解
2 days 23 hours ago
内存提取密钥解密Merlin Agent加密流量