Aggregator
常见反调试技术分析与绕过方法详解
QnQSec CTF 2025部分wp
Salesforce Flags Unauthorized Data Access via Gainsight-Linked OAuth Activity
Salesforce Flags Unauthorized Data Access via Gainsight-Linked OAuth Activity
Convenience culture is breaking personal security
AI is changing how scams are built, shared, and trusted. A new global survey from Bitdefender shows how far the problem has spread. AI is helping scams evolve faster than people can respond Over seven in ten consumers encountered some form of scam in the past year. One in seven fell for one. Worry about AI driven fraud is now mainstream, with 37% listing deepfake audio and video as their top concern. AI tools let … More →
The post Convenience culture is breaking personal security appeared first on Help Net Security.
论弹性数字安全与韧性数字安全的本质区别
CVE-2025-55692 | Microsoft Windows up to Server 2025 Error Reporting Service input validation (EUVD-2025-34329)
CVE-2025-55694 | Microsoft Windows 11 24H2/11 25H2/Server 2022 23H2/Server 2025 Error Reporting Service access control (EUVD-2025-34327)
CVE-2025-55696 | Microsoft Windows up to Server 2025 NtQueryInformation ntifs.h untrusted pointer dereference (EUVD-2025-34325)
CVE-2025-55697 | Microsoft Windows Server 2022 23H2/Server 2025 Azure heap-based overflow (EUVD-2025-34324)
CVE-2025-55698 | Microsoft Windows 11 24H2/11 25H2/Server 2025 DirectX Graphics Kernel null pointer dereference (EUVD-2025-34323)
CVE-2025-58714 | Microsoft Windows up to Server 2025 Ancillary Function Driver for WinSock access control (EUVD-2025-34321)
CVE-2025-55699 | Microsoft Windows up to Server 2025 Kernel information disclosure (EUVD-2025-34322)
CVE-2025-13051 | ASUSTOR ABP/AES uncontrolled search path (EUVD-2025-198124 / CNNVD-202511-2269)
CVE-2025-12777 | YITH WooCommerce Wishlist Plugin up to 4.10.0 on WordPress AJAX lists authorization (EUVD-2025-198126 / CNNVD-202511-2270)
CVE-2025-6251 | Royal Elementor Addons and Templates Plugin up to 1.7.1036 on WordPress item['field_id'] cross site scripting (EUVD-2025-198115 / CNNVD-202511-2259)
Inside Iran's Cyber Objectives: What Do They Want?
JVN: 複数のAutomated Logic製品における複数の脆弱性
New infosec products of the week: November 21, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Bedrock Data, Immersive, Kentik, Minimus, and Synack. Kentik AI Advisor brings intelligence and automation to network design and operations Kentik has launched the Kentik AI Advisor, an agentic AI solution that understands enterprise and service provider networks, thinks critically, and offers guidance for designing, operating, and protecting infrastructure at scale. Bedrock Data expands platform with AI governance and natural-language policy … More →
The post New infosec products of the week: November 21, 2025 appeared first on Help Net Security.