Aggregator

Experts at Red Canary have uncovered an unusual campaign leveraging a newly identified strain of malware, DripDropper, specifically targeting cloud-based Linux servers. The attackers gained initial access through CVE-2023-46604 in Apache ActiveMQ, after which...

The post The DripDropper Paradox: Why Attackers Are Patching the Vulnerabilities They Exploit appeared first on Penetration Testing Tools.

感谢各位安全专家长期关注阿里巴巴集团安全，帮助阿里云先知提高阿里巴巴集团和客户安全水平，保障数亿用户的安全！

多维度荣膺五星满分评价，360获IDC中国统一终端安全技术评估首推

Cybersecurity researchers are highlighting a dangerous attack technique that combines rogue IPv6 configuration with NTLM credential relay to achieve complete Active Directory domain compromise, exploiting default Windows configurations that most organizations leave unchanged. Attack Leverages Default Windows IPv6 Behavior The MITM6 + NTLM Relay attack exploits Windows systems’ automatic DHCPv6 requests, even in networks that […]

The post MITM6 + NTLM Relay Attack Enables Full Domain Compromise appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The legendary hacker journal Phrack has turned forty, marking the occasion with its anniversary 72nd issue, published on August 19, 2025. Founded in the mid-1980s, this iconic publication is regarded as one of the...

The post Phrack at 40: The Legendary Hacker Zine Celebrates Four Decades of Security and Subversion appeared first on Penetration Testing Tools.

A vulnerability, which was classified as problematic, has been found in Mattermost up to 10.5.8. This impacts an unknown function. This manipulation causes incorrect authorization. This vulnerability appears as CVE-2025-49810. The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.

Researchers at Push Security have discovered a new phishing campaign that targets Microsoft 365 (M365) systems and uses Active Directory Federation Services (ADFS) to enable credential theft. This attack vector exploits Microsoft’s authentication redirect mechanisms, effectively turning a legitimate service into a conduit for phishing operations. Sophisticated Phishing Infrastructure The campaign begins with malvertising lures […]

The post New Campaign Uses Active Directory Federation Services to Steal M365 Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability classified as critical was found in Softing Industrial Automation OPC UA C++ SDK, edgeConnector and edgeAggregator. This affects an unknown function. The manipulation results in improper certificate validation. This vulnerability is reported as CVE-2025-7390. The attack can be launched remotely. No exploit exists.

Cybercriminal groups are building entire infrastructures to propagate infostealers—malicious programs designed to steal passwords, payment card details, and other sensitive information from infected devices. Analysts describe what they call the “Stealer Ecosystem,” where the...

The post Inside the “Stealer Ecosystem”: How the Cybercrime Economy Professionalized Data Theft appeared first on Penetration Testing Tools.

A vulnerability classified as critical has been found in Mattermost up to 10.5.8. The impacted element is an unknown function of the component Agents Plugin. The manipulation leads to server-side request forgery. This vulnerability is documented as CVE-2025-47700. The attack can be initiated remotely. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability described as critical has been identified in Mattermost up to 9.11.17/10.5.8/10.8.3/10.9.1. The affected element is an unknown function of the component Plugin Import. Executing manipulation can lead to path traversal. This vulnerability is registered as CVE-2025-36530. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is recommended.

A vulnerability marked as problematic has been reported in Mattermost up to 9.11.17/10.5.8. Impacted is an unknown function of the file /api/v4/teams/team-id/members/user-id/schemeRoles of the component API Endpoint. Performing manipulation results in incorrect authorization. This vulnerability is cataloged as CVE-2025-53971. It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability identified as critical has been detected in Mattermost up to 9.11.17/10.5.8/10.8.3/10.9.2/10.10.0. This vulnerability affects unknown code of the component Non-Attachment File Handler. This manipulation causes unrestricted upload. This vulnerability is tracked as CVE-2025-49222. The attack is possible to be carried out remotely. No exploit exists. You should upgrade the affected component.

A vulnerability labeled as critical has been found in Mattermost up to 9.11.17/10.5.8/10.8.3/10.9.2. This issue affects some unknown processing. Such manipulation leads to path traversal. This vulnerability is listed as CVE-2025-8023. The attack may be performed from a remote location. There is no available exploit. The affected component should be upgraded.

A vulnerability categorized as critical has been discovered in Mattermost up to 9.11.17/10.5.8/10.8.3/10.9.2. This affects an unknown part of the file /api/v4/teams/:teamId/restore. The manipulation results in missing authentication. This vulnerability is identified as CVE-2025-47870. The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.

Даже рядовая семейная ссора теперь станет материалом для тренировки чужого алгоритма.

锦行科技成功入选安全管理、安全解决方案、安全服务三大核心模块，并登榜五大细分领域。

分享一篇文章。

2025年8月21日，深瞳漏洞实验室监测到一则Commvault-WebServer组件存在代码执行漏洞的信息，漏洞编号：CVE-2025-57790，漏洞威胁等级：高危。