Aggregator
US Warns of Ongoing Pro-Russia Critical Infrastructure Hacks
U.S. and allied agencies warned of low-skill Russian-linked hacktivists breaching critical infrastructure by exploiting weak remote access tools, as federal prosecutors charged a Ukrainian national with helping orchestrate operations targeting water and energy systems.
OpenAI Braces for AI Models That Could Breach Defenses
OpenAI said Wednesday it is preparing for artificial intelligence models to reach "high" cybersecurity risk levels, marking an escalation in the dual-use capabilities that could strengthen defenses or enable sophisticated attacks.
Saviynt Gets $700M at $3B Valuation to Fuel Identity Defense
Backed by $700 million in funding from KKR at a $3 billion valuation, Saviynt plans to accelerate innovation in identity security for humans, machines and AI agents. The Series B investment supports global expansion and continued platform development to meet evolving enterprise needs.
UK ICO Fines LastPass Over 2022 Data Breach
The British data regulator imposed a fine of 1.2 million pounds against password manager LastPass over a 2022 data breach that exposed the data of millions of its customers. Unidentified hackers stole backup data from LastPass's Amazon Web Services S3 bucket.
CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog
New infosec products of the week: December 12, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Apptega, Backslash Security, BigID, Black Kite, Bugcrowd, NinjaOne, Nudge Security, and Veza. Apptega Policy Manager streamlines policy creation and compliance oversight: Apptega revealed its Policy Manager module, expanding the company’s platform to automate the creation, review, and oversight of custom business policies. With this enhancement, Apptega enables partners and in-house security and compliance teams to maintain auditable policies with minimal …
The post New infosec products of the week: December 12, 2025 appeared first on Help Net Security.
SpearSpray: The Stealthy Tool That Bypasses Lockout Policies in Active Directory
SpearSpray is an advanced password spraying tool designed specifically for Active Directory environments. It combines user enumeration via LDAP
The post SpearSpray: The Stealthy Tool That Bypasses Lockout Policies in Active Directory appeared first on Penetration Testing Tools.
PATCH NOW: Google Issues Emergency Chrome Update for Actively Exploited Zero-Day
Google has released an unscheduled Chrome update to patch a zero-day vulnerability already being exploited in active attacks.
The post PATCH NOW: Google Issues Emergency Chrome Update for Actively Exploited Zero-Day appeared first on Penetration Testing Tools.
Mickey Mouse and Sora. Disney officially lets AI into its universes (but live actors are off-limits).
PATCH NOW: Microsoft Fixes 57 Flaws, Including Three Zero-Days Actively Exploited
Microsoft has released its December security updates: Patch Tuesday brings fixes for 57 vulnerabilities, including three zero-days (one
The post PATCH NOW: Microsoft Fixes 57 Flaws, Including Three Zero-Days Actively Exploited appeared first on Penetration Testing Tools.
Japan’s Largest Scam: Chinese Duo Used Hijacked Accounts to Manipulate Stock Prices
The investigation in Japan has detained two Chinese nationals suspected of orchestrating the largest known market-manipulation scheme involving
The post Japan’s Largest Scam: Chinese Duo Used Hijacked Accounts to Manipulate Stock Prices appeared first on Penetration Testing Tools.
ChimeraWire: The Click-Fraud Trojan Disguised as a Human User
Experts at Doctor Web have identified a new click-fraud trojan, Trojan.ChimeraWire, which disguises itself as the activity of
The post ChimeraWire: The Click-Fraud Trojan Disguised as a Human User appeared first on Penetration Testing Tools.
Invisible Ransomware: Storm-0249 Weaponizes SentinelOne EDR in Stealth Attacks
The financially motivated group Storm-0249, long known as a broker of initial access for ransomware operators, has markedly
The post Invisible Ransomware: Storm-0249 Weaponizes SentinelOne EDR in Stealth Attacks appeared first on Penetration Testing Tools.
React2Shell Exploit: Botnets Target 150K+ Devices Daily with Node.js Flaw
A newly discovered vulnerability in Node.js, designated CVE-2025-55182 and informally dubbed React2Shell, has become a favored weapon of
The post React2Shell Exploit: Botnets Target 150K+ Devices Daily with Node.js Flaw appeared first on Penetration Testing Tools.
Khashoggi’s Widow Files French Complaint Over Pegasus Spyware Infection
The widow of Saudi dissident journalist Jamal Khashoggi has filed a complaint with the French prosecutor’s office, alleging
The post Khashoggi’s Widow Files French Complaint Over Pegasus Spyware Infection appeared first on Penetration Testing Tools.
Digital War Crimes: ICC Drafts Policy to Judge Cyber-Enabled Genocide and Aggression
The International Criminal Court has released a draft policy aimed at confronting crimes committed through digital technologies. The
The post Digital War Crimes: ICC Drafts Policy to Judge Cyber-Enabled Genocide and Aggression appeared first on Penetration Testing Tools.