Aggregator

A vulnerability was found in Linux Kernel up to 6.4.4. It has been classified as critical. Affected by this issue is the function s3c24xx_serial_getclk of the component tty. The manipulation leads to memory leak. This vulnerability is traded as CVE-2023-53858. Access to the local network is required for this attack to succeed. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.4.3. The affected element is an unknown function in the library lib/iov_iter.c of the component netlink. Executing manipulation can lead to privilege escalation. The identification of this vulnerability is CVE-2023-53863. The attack needs to be done within the local network. There is no exploit available. The affected component should be upgraded.

A vulnerability was found in TianoCore EDK2. It has been rated as problematic. This issue affects some unknown processing. This manipulation causes information disclosure. This vulnerability is handled as CVE-2024-38798. It is possible to launch the attack on the local host. There is not any exploit available. Upgrading the affected component is advised.

NK-linked hackers are likely exploiting the React2Shell flaw to deploy a newly discovered remote access trojan, dubbed EtherRAT. North Korea–linked threat actors are likely exploiting the new critical React2Shell flaw (CVE-2025-55182) to deploy a previously unknown remote access trojan called EtherRAT, Sysdig researchers warn. The vulnerability CVE-2025-55182, is a pre-authentication remote code execution issue in React […]

Highlights: Introduction Throughout 2025, we conducted and published several reports related to our research on the Silver Fox APT. In some of them (for example, here), the threat actor delivered the well-known ValleyRAT backdoor, also referred to as Winos or Winos4.0, as the final stage. Since this malware family is widely used, modular, and often associated with Chinese threat actors […]

The post Cracking ValleyRAT: From Builder Secrets to Kernel Rootkits appeared first on Check Point Research.

Медбрат Сергей Глухих оштрафован по статье 13.53 КоАП.

Cybersecurity is about to hit a turning point in 2026. Attackers aren’t only testing AI but also building campaigns around it. Their tooling is getting faster, more adaptive, and far better at mimicking user behavior, from reconnaissance to phishing to initial access.  The Shift is Already Underway  With geopolitical tension rising and technology accelerating, SOCs are entering a period where both […]

The post What’s Next for SOC in 2026: Get the Early-Adopter Advantage  appeared first on Cyber Security News.

A vulnerability was found in NomySost Nomysem up to May 2025. It has been classified as critical. This affects an unknown function. The manipulation leads to incorrect use of privileged apis. This vulnerability is referenced as CVE-2025-1161. Remote exploitation of the attack is possible. No exploit is available.

最实战、最贴近渗透测试/攻防演练使用的 JWT 常见测试清单，涵盖 信息收集 → 解码分析 → 逻辑绕过 → 密钥爆破 → 漏洞利用 → 加固建议。

报：微软开始挖自己的漏洞了！

Техгиганты создали фонд для спасения индустрии ИИ от хаоса несовместимости.

文章描述了一次CTF挑战过程，使用Nmap进行默认脚本扫描和版本探测，利用FTP匿名登录获取用户列表和密码文件，并通过Gobuster发现隐藏的login.php页面。最终使用获取的admin凭证登录并获得flag。

在HackTheBox的Outbound实验室中，作者通过Nmap和Nuclei发现并利用Roundcube服务器的漏洞（CVE-2025-49113），获得低权限shell。随后通过数据库枚举和会话解密获取用户密码，利用SSH登录并切换用户。最后利用另一个漏洞（CVE-2025-27591）提升权限至root，并获取root flag。

文章介绍了一个名为“Phishing Pond”的训练室，通过真实邮件示例教授如何识别钓鱼攻击。它分析了常见的钓鱼手法如伪装域名、紧急请求、恶意附件等，并指导用户分类邮件以完成挑战。最终获得flag并提升识别能力。

作者在暗网论坛发现关于CloudCorp Inc.的信息泄露，利用这些信息成功入侵并获利。

嗯，用户让我帮忙总结一篇文章，控制在一百个字以内，而且不需要用“文章内容总结”之类的开头。首先，我得仔细阅读文章内容，抓住主要信息。 这篇文章讲的是作者在暗网论坛上偶然发现了一个关于“CloudCorp Inc.”公司的漏洞。作者本来只是随意浏览，结果发现有人抱怨测试一个“愚蠢”的目标，结果无意中透露了很多信息。这可能涉及到云安全或者SaaS服务的漏洞。 接下来，我需要提炼出关键点：作者在暗网论坛发现漏洞、公司名称是CloudCorp Inc.、信息泄露导致潜在安全问题。然后把这些点浓缩成一句话，不超过一百个字。 还要注意用词简洁，避免复杂结构。比如，“发现”、“泄露”、“安全问题”这些词比较合适。最后检查一下字数和流畅度，确保符合要求。 作者在暗网论坛偶然发现一帖子，泄露了云服务公司"CloudCorp Inc."的漏洞信息。

Google Says Gemini Enterprise Agentic AI Model Is Ready for Banking Clients
BNY is integrating Google Cloud's Gemini Enterprise agentic artificial intelligence platform into its proprietary enterprise AI platform, Eliza. The move represents an evolution from AI as a pilot project to AI as infrastructure for the global financial services organization.

Lazarus APT组织攻击活动样本分析