Aggregator

Mozilla 释出了 Firefox 146。主要新特性包括：对所有用户开放 Firefox Labs；macOS 版本将有一个专门的 GPU 进程，图形代码中的致命错误将不会导致浏览器崩溃，而是重启 GPU 进程；Linux 版本原生支持 Wayland 分数缩放显示，提升渲染效率；Windows 版本停止支持 Direct2D，需要 Direct2D 的用户建议用 140ESR 版本；WebCrypto 支持压缩椭圆曲线点；更新 Skia 图形库；支持 CSS text-decoration-inset 属性、支持 @scope 规则，等等。

PortSwigger has enhanced Burp Suite’s scanning arsenal with the latest update to its ActiveScan++ extension, introducing detection for the critical React2Shell vulnerabilities (CVE-2025-55182 and CVE-2025-66478). This server-side request forgery (SSRF) flaw in React applications allows attackers to execute arbitrary shell commands, potentially leading to full remote code execution (RCE) on affected servers. Security researchers and […]

The post Burp Suite’s Scanning Arsenal Powered With Detection for Critical React2Shell Vulnerabilities appeared first on Cyber Security News.

A vulnerability marked as critical has been reported in zevv Duc up to 1.4.5. This affects the function buffer_get. Performing manipulation results in stack-based buffer overflow. This vulnerability is known as CVE-2025-13654. Access to the local network is required for this attack. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.57/6.17.7. Affected by this issue is the function exfat_mkdir. Such manipulation leads to allocation of resources. This vulnerability is uniquely identified as CVE-2025-40307. The attack can only be initiated within the local network. No exploit exists. You should upgrade the affected component.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.15.2. This issue affects the function in_hw_restart of the component wifi. Performing manipulation results in null pointer dereference. This vulnerability was named CVE-2025-38121. The attack needs to be approached within the local network. There is no available exploit. It is suggested to upgrade the affected component.

嗯，用户让我帮忙总结一篇文章的内容，控制在100字以内，而且不需要用“文章内容总结”这样的开头。好的，我先看看这篇文章讲的是什么。 文章标题是“WeakJump CTF 逆向题深度解析：从零到完整攻破的技术之路”。看起来是关于CTF竞赛中的逆向工程题目。作者详细介绍了如何分析和解决这个题目。 首先，文章提到了题目提供了一个名为weakjump的二进制文件，要求找到正确的flag。分析了文件类型，发现是静态链接、64位ELF文件，并且被stripped了符号表，增加了分析难度。 接下来，作者介绍了使用strace追踪系统调用，发现程序调用了ptrace来反调试。然后详细讲解了如何绕过反调试机制，使用GDB脚本修改返回值。 然后是静态分析部分，使用radare2查找字符串和关键函数，识别出加密算法可能使用了TEA算法，并发现了Feistel网络结构。 动态调试部分，作者编写了GDB脚本来捕获轮函数的调用和返回值，绕过了程序的反调试和比对失败的跳转。 最终通过分析加密流程和数据流向，提取密文并结合动态调试获取的数据，成功解密得到了flag。 总结一下，这篇文章详细记录了解决一个复杂逆向工程题目的全过程，包括反调试、静态分析、动态调试、加密算法识别等技术。 文章详细解析了一道CTF逆向题WeakJump的解题过程。通过分析二进制文件、绕过反调试机制、静态与动态分析相结合的方法，最终识别出基于Feistel网络的加密算法并成功解密获得flag。

Считали мат бескультурьем, а это главный признак живого интеллекта (и отсутствия ИИ).

文章描述了错误代码521的原因及其解决方案，指出该错误通常由网络连接问题或服务器配置错误引起，并建议检查网络连接、清除缓存或联系技术支持以解决问题。

HackerNews 编译，转载请注明出处： 为美国军方提供情报、监视与侦察服务的军工承包商 MAG 航空航天公司（MAG Aerospace）遭遇网络攻击，导致员工数据发生泄露。 本周早些时候，该公司已开始通知数千名可能受影响的人员，向其分发详细说明此次网络攻击事件的数据泄露告知函。 MAG 航空航天公司表示，2025 年 8 月下旬，公司监测到内部网络出现可疑活动。为隔离安全隐患，这家总部位于费尔法克斯的军工承包商当即停用了受影响账户，防止泄露范围进一步扩大至更多系统。 公司在泄露告知函中称：“我们已采取多项措施遏制事件影响，包括隔离相关资产、停用受影响的账户与域名、阻断网络访问权限、重置受影响账户密码，并已联络执法部门介入调查。” 后续针对未授权访问的分析显示，攻击者获取了 “少量电子存储的个人信息”，且暂无证据表明泄露数据遭到不当处置。 MAG 航空航天公司为美军提供情报工程服务，其公开披露的合作客户包括美国陆军、联邦应急管理局（FEMA）、美国总务管理局（GSA）、国防情报局（DIA）、国务院、美国太空司令部等重要政府机构。据悉，该公司年收入超 14 亿美元，员工规模逾 1400 人。 公司在数据泄露告知函中解释：“MAG DS 公司（商号为 MAG 航空航天）在全球范围内提供高技术性服务与工程解决方案，我们会在日常业务运营及员工管理工作中获取并留存个人信息。” 该公司未明确披露此次事件中具体泄露的数据类型，但表示将为可能受影响的人员提供为期 24 个月的免费欺诈监测与身份盗用保护服务。 通常情况下，企业仅会在用户姓名、社会保险号（SSN）等身份标识信息泄露时，为相关人员提供此类保护服务。 鉴于 MAG 航空航天所处行业的敏感属性，其泄露的数据对威胁行为者及国家级攻击者而言堪称 “金矿”。至少，个人信息失窃会让攻击者得以发起极具迷惑性的钓鱼攻击与社会工程学攻击，进而诱导受害者在设备上不慎安装恶意软件。     消息来源：cybernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.17.7. This issue affects the function io_estimate_bvec_size of the component io_uring. The manipulation results in privilege escalation. This vulnerability is cataloged as CVE-2025-40291. The attack must originate from the local network. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability described as problematic has been identified in AMD Ryzen 9000HX Processors. Affected by this issue is some unknown functionality. Executing manipulation can lead to improper handling of insufficient entropy in trng. This vulnerability appears as CVE-2025-62626. The attack requires local access. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability identified as critical has been detected in Adobe Animate up to 22.0.9/23.0.1. This issue affects some unknown processing. The manipulation leads to use after free. This vulnerability is listed as CVE-2023-29321. The attack may be initiated remotely. There is no available exploit. You should upgrade the affected component.

A vulnerability marked as problematic has been reported in Adobe Experience Manager up to 6.5.16.0. This issue affects some unknown processing. This manipulation causes cross site scripting. This vulnerability is tracked as CVE-2023-29322. The attack is possible to be carried out remotely. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability was found in JFinalCMS 5.0.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/tag/save. The manipulation leads to cross-site request forgery. This vulnerability is referenced as CVE-2023-49383. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

Deepfake images can distort public debate, fuel harassment, or shift a news cycle before anyone checks the source. A new study from researchers at the University of Pisa examines one specific part of this problem. They introduced a way to keep image signatures intact even after cropping. System model Cropping remains a weak spot in image verification Most authentication tools fail the moment a photo is altered. Even small changes like trimming edges turn a … More →

The post New image signature can survive cropping, stop deepfakes from hijacking trust appeared first on Help Net Security.

文章介绍了AES对称加密算法的基本原理及其在逆向工程中的应用。AES采用128位密钥进行加密，需通过密钥扩展生成11个子密钥，并经过10轮加密过程（包括轮密钥加、字节替换、行位移和列混淆）。文章还详细讲解了G运算（行位移、S盒替换和常量异或）及加密阶段的具体实现，并结合实例分析了如何在逆向中识别AES算法及其加密模式。

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Peter Girnus (@gothburz), Demeng Chen, and Brandon Niemczyk of Trend Zero Day Initiative' was reported to the affected vendor on: 2025-12-09, 9 days ago. The vendor is given until 2026-04-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Peter Girnus (@gothburz), Demeng Chen, and Brandon Niemczyk of Trend Zero Day Initiative' was reported to the affected vendor on: 2025-12-09, 9 days ago. The vendor is given until 2026-04-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 10.0 AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by 'Peter Girnus (@gothburz), Demeng Chen, and Brandon Niemczyk of Trend Zero Day Initiative' was reported to the affected vendor on: 2025-12-09, 9 days ago. The vendor is given until 2026-04-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 8.1 AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Peter Girnus (@gothburz), Demeng Chen, and Brandon Niemczyk of Trend Zero Day Initiative' was reported to the affected vendor on: 2025-12-09, 1 days ago. The vendor is given until 2026-04-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.