Qilin
You must login to view this content
Aggregator
Qilin
2 weeks 5 days ago
You must login to view this content
cohenido
The Proxy Ghost: IPCola’s Network Feeds on User Devices Covertly
2 weeks 5 days ago
The launch of the IPCola service on underground forums in 2023 initially appeared to be yet another proxy
The post The Proxy Ghost: IPCola’s Network Feeds on User Devices Covertly appeared first on Penetration Testing Tools.
ddos
Google & Warby Parker Partner on AI Smart Glasses to Launch in 2026
2 weeks 5 days ago
On Monday, Warby Parker and Google announced that they are preparing to release AI-powered smart glasses, with the
The post Google & Warby Parker Partner on AI Smart Glasses to Launch in 2026 appeared first on Penetration Testing Tools.
ddos
2026 Cloud Security Predictions and Priorities for CISOs
2 weeks 5 days ago
What Will Lead Next Year's Cloud Security Agenda?
As 2026 approaches, one thing is certain: Artificial intelligence adoption will continue to accelerate at an extraordinary pace. CISOs will be tasked with maintaining security and control as hybrid cloud environments grow more distributed, automated and interconnected.
As 2026 approaches, one thing is certain: Artificial intelligence adoption will continue to accelerate at an extraordinary pace. CISOs will be tasked with maintaining security and control as hybrid cloud environments grow more distributed, automated and interconnected.
Live Webinar | From Bedside to Back Office: How Agentic AI is Transforming Identity Security in Healthcare
2 weeks 5 days ago
Synthetic Businesses: the New Billion-Dollar Fraud Machine
2 weeks 5 days ago
Weak State Controls and AI-Generated Documents Fuel Surge in Synthetic Entity Fraud
Fraudsters are exploiting weak state controls to create synthetic businesses for less than $150, with potential payouts of more than $100,000 for each fake identity. Synthetic entity fraud has rapidly shifted from a niche threat to a mainstream risk, said Dun & Bradstreet's Andrew La Marca.
Fraudsters are exploiting weak state controls to create synthetic businesses for less than $150, with potential payouts of more than $100,000 for each fake identity. Synthetic entity fraud has rapidly shifted from a niche threat to a mainstream risk, said Dun & Bradstreet's Andrew La Marca.
Clover Raises $36M to Automate Product Security Reviews
2 weeks 5 days ago
Startup Uses AI Agents to Support Proactive Security and Scale Development
With a $36 million investment, Clover Security plans to expand its suite of AI agents that automate security reviews and improve collaboration with developers. The company says this proactive approach helps manage risks introduced by AI-driven software creation.
With a $36 million investment, Clover Security plans to expand its suite of AI agents that automate security reviews and improve collaboration with developers. The company says this proactive approach helps manage risks introduced by AI-driven software creation.
European Commission Probes Google AI Summaries
2 weeks 5 days ago
Regulators Question Whether Google Compensates Publishers for Auto Summaries
Google faces a fresh probe into its competitive practices after the European Union said it will investigate the search engine giant's propensity to convert web content into fuel for its artificial intelligence models. The commission said the investigation is a "matter of priority."
Google faces a fresh probe into its competitive practices after the European Union said it will investigate the search engine giant's propensity to convert web content into fuel for its artificial intelligence models. The commission said the investigation is a "matter of priority."
Hospice Firm, Eye Care Practice Notifying 520,000 of Hacks
2 weeks 5 days ago
Data Theft Incidents Are Among the Latest Hacks Against Specialty Medical Providers
Two specialty healthcare providers - a Florida-based firm that provides hospice services in several states and a Pennsylvania-based eye care practice - are notifying nearly 520,000 people that their sensitive health information was compromised in separate hacking incidents.
Two specialty healthcare providers - a Florida-based firm that provides hospice services in several states and a Pennsylvania-based eye care practice - are notifying nearly 520,000 people that their sensitive health information was compromised in separate hacking incidents.
Безопасен ли ваш брокерский счет? Хакеры нашли способ заработать миллионы, зная только чужой логин
2 weeks 5 days ago
Китайцев задержали в Токио за манипулирование рынком через взломанные счета инвесторов.
Shai-Hulud第二轮攻击波及NPM生态 40万条敏感凭证遭泄露
2 weeks 5 days ago
好的,我现在需要帮用户总结一篇文章的内容,控制在100字以内。用户给的文章是关于Shai-Hulud第二轮攻击的,看起来是关于NPM生态系统的安全事件。
首先,我得通读整篇文章,抓住主要信息。文章提到第二轮攻击影响了超过800个软件包,导致40万条敏感凭证泄露。这些凭证被公开到GitHub仓库中,其中约1万条是有效的。攻击者使用了自传播的恶意载荷,并且在第二轮中增加了破坏机制,比如清空主机主目录。
接下来,我需要确定哪些信息是最重要的。攻击的影响范围、泄露的数据量、有效凭证的数量以及攻击手段的变化都是关键点。此外,文章还提到研究人员分析了受影响的设备和环境特征,比如Linux系统和容器环境占比较高。
然后,我要把这些信息浓缩到100字以内。要确保涵盖攻击的影响、数据泄露的规模、有效凭证的数量以及攻击手段的变化。同时,保持语言简洁明了。
最后,检查一下是否符合用户的要求:用中文总结,不使用特定的开头语句,直接描述文章内容,并控制在100字以内。确保没有遗漏重要信息,并且表达清晰。
Shai-Hulud第二轮攻击影响NPM生态,超800个软件包被感染,40万条敏感凭证泄露并公开至GitHub仓库。约60%的NPM令牌仍有效可用。恶意软件新增破坏机制,在特定条件下清空受害者主机主目录。泄露数据包含GitHub令牌、云服务密钥等敏感信息。
Shai-Hulud第二轮攻击波及NPM生态 40万条敏感凭证遭泄露
2 weeks 5 days ago
上周发生的第二轮Shai-Hulud攻击事件,在感染NPM(Node包管理器)仓库数百个软件包后,导致约40万条原始敏感凭证泄露,且被盗数据被公开至3万个GitHub代码仓库中。
尽管开源扫描工具TruffleHog仅验证出约1万条泄露凭证为有效状态,但云安全平台Wiz的研究人员指出,截至12月1日,超过60%的泄露NPM令牌仍处于有效可用状态。
从自传播感染到破坏性.payload
Shai-Hulud威胁最早于9月中旬浮出水面,当时攻击者通过自传播恶意载荷攻陷了187个NPM软件包——该载荷会利用TruffleHog工具识别账户令牌,向软件包中注入恶意脚本并自动在平台发布。
而在第二轮攻击中,受恶意软件影响的软件包数量超800个(含同一软件包的所有受感染版本),且恶意程序新增了破坏性机制:当满足特定条件时,会清空受害者主机的主目录。
泄露凭证的类型与分布
新 GitHub 账户在新仓库上发布机密信息的速度
Wiz研究人员对Shai-Hulud2.0攻击扩散至3万个GitHub仓库的凭证泄露数据展开分析,发现泄露的敏感信息包含以下类型:
1. 约70%的仓库中存在contents.json文件,内含GitHub用户名、令牌及文件快照;
2. 半数仓库包含truffleSecrets.json文件,存储了TruffleHog的扫描结果;
3. 80%的仓库存有environment.json文件,涵盖操作系统信息、CI/CD元数据、NPM包元数据及GitHub身份凭证;
4. 400个仓库托管了actionsSecrets.json文件,包含GitHub Actions工作流密钥。
该恶意软件调用TruffleHog时未启用-only-verified参数,这意味着40万条泄露凭证仅符合已知格式规范,未必仍具备有效性或可使用性。
尽管这批凭证数据存在大量无效信息,需进行大量去重工作,但其中仍包含数百条有效凭证,涵盖云服务密钥、NPM令牌及版本控制系统(VCS)身份凭证。截至目前,这些凭证已构成供应链进一步遭袭的现实风险,例如研究员监测到超60%的泄露NPM令牌仍处于有效状态。
感染设备与环境特征
对2.4万个environment.json文件的分析显示,约半数文件为唯一实例,其中23%对应开发者本地设备,其余则来自CI/CD运行器等基础设施。
研究人员汇总的数据表明,87%的受感染设备为Linux系统,而76%的感染案例发生在容器环境中。
在CI/CD平台分布方面,GitHub Actions占比遥遥领先,其次为Jenkins、GitLab CI及AWS CodeBuild。
受影响的CI/CD平台
从感染对象来看,受影响最严重的软件包为@postman/[email protected]和@asyncapi/[email protected],这两款软件包的感染量合计占所有感染案例的60%以上。
感染包的流行率
研究人员据此认为,若能及早识别并管控这几个核心软件包,Shai-Hulud的攻击影响本可大幅降低。此外,从感染模式来看,99%的感染实例均源于preinstall事件触发的node setup_bun.js脚本执行,极少数例外情况大概率为攻击者的测试尝试。
Wiz认为,Shai-Hulud幕后攻击者会持续优化并演进攻击手段,且预计短期内将出现更多攻击波次,甚至可能利用已窃取的海量凭证发起新一轮攻击。
胡金鱼
CloudMeet:基于 Cloudflare 的免费开源会议预约工具
2 weeks 5 days ago
好,我现在需要帮用户总结这篇文章的内容。用户的要求是用中文,控制在100字以内,不需要特定的开头,直接写描述。首先,我得仔细阅读文章内容,抓住关键点。
文章介绍的是CloudMeet,一个免费的会议调度工具,作为Calendly的替代。它基于Cloudflare的服务,不需要服务器就能部署。支持Google和Outlook日历同步,还有生成会议链接、灵活的时间配置、邮件提醒等功能。部署过程简单,通过GitHub Actions一键完成。
接下来,我需要把这些信息浓缩到100字以内。要突出它的免费、开源、无需服务器的特点,以及核心功能和部署优势。确保语言简洁明了。
可能的结构:介绍产品名称、特点、功能、部署方式和适用人群。这样既全面又简洁。
最后检查一下字数是否符合要求,并确保没有遗漏重要信息。
CloudMeet 是一款免费开源的会议预约工具,基于 Cloudflare 服务构建,无需服务器即可部署。支持 Google 和 Outlook 日历同步、智能生成会议链接、灵活时间配置及邮件提醒功能。适合个人与团队高效管理日程。
Claudable:开源AI Web构建器,秒级生成可部署应用
2 weeks 5 days ago
Claudable 是一款 AI 驱动的开源 Web 构建平台,支持通过自然语言生成代码并快速构建 Next.js 应用。其核心功能包括实时预览、一键部署至 Vercel 以及集成 Supabase 数据库。适用于 AI 编程初学者、独立开发者和技术团队快速开发与教学演示。
Japan Cyber-Shock: Teen Hacked Kaikatsu Club, Used AI to Bypass Defenses
2 weeks 5 days ago
At the beginning of the year, Japan was shaken by a scandal surrounding a major data breach involving
The post Japan Cyber-Shock: Teen Hacked Kaikatsu Club, Used AI to Bypass Defenses appeared first on Penetration Testing Tools.
ddos
China’s “King of Vulnerabilities” Hacked: Knownsec Leak Exposes Zero-Day Flaws
2 weeks 5 days ago
A data leak at the Chinese company Knownsec—long heralded as one of the flagships of the nation’s cybersecurity
The post China’s “King of Vulnerabilities” Hacked: Knownsec Leak Exposes Zero-Day Flaws appeared first on Penetration Testing Tools.
ddos
CVE-2022-47425 | reputeinfosystems ARMember Plugin up to 3.4.10 on WordPress Dashboard authorization
2 weeks 5 days ago
A vulnerability, which was classified as problematic, has been found in reputeinfosystems ARMember Plugin up to 3.4.10 on WordPress. This issue affects some unknown processing of the component Dashboard. This manipulation causes authorization bypass.
This vulnerability is handled as CVE-2022-47425. The attack can be initiated remotely. There is not any exploit available.
vuldb.com
CVE-2023-23729 | Spectra Plugin up to 2.3.1 on WordPress Setting forms_recaptcha authorization
2 weeks 5 days ago
A vulnerability categorized as problematic has been discovered in Spectra Plugin up to 2.3.1 on WordPress. This impacts the function forms_recaptcha of the component Setting Handler. Such manipulation leads to missing authorization.
This vulnerability is referenced as CVE-2023-23729. It is possible to launch the attack remotely. No exploit is available.
vuldb.com
CVE-2022-46845 | Slider a SlidersPack Plugin up to 2.0.2 on WordPress authorization
2 weeks 5 days ago
A vulnerability, which was classified as critical, has been found in Slider a SlidersPack Plugin up to 2.0.2 on WordPress. This vulnerability affects the function wp_spaios_save_attachment_data/wp_spaios_get_attachment_edit_form. Performing manipulation results in missing authorization.
This vulnerability is cataloged as CVE-2022-46845. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com