Aggregator

MCP Server Paused for Days After Bug Risked Data Leakage Between Users
Asana patched a vulnerability in an artificial intelligence integration feature that could have allowed users to view data from other organizations. The time management company paused the use of Asana Model Context Protocol for nearly two weeks to apply the fix.

Analysts Say CYBERCOM Likely Played a Major Role in Strike on Iranian Nuclear Sites
The United States' "Midnight Hammer" missile strike that hit three key Iranian nuclear sites likely involved significant support from U.S. Cyber Command, analysts told Information Security Media Group, after officials credited the unit for taking part in the military operation.

Frustrations Over Preauthorization Denials Have Led to 'Violence in Streets'
A dozen health insurance giants that provide coverage for about 80% of Americans with Medicare, Medicaid and commercial plans have agreed to work the U.S. Department of Health and Human Services to voluntarily streamline and improve their preauthorization processes.

Proxies Prioritize Psychological Effects Over Real Life Effects in Cyberspace
Warnings about Iranian hacking following the United States' Saturday bombing of Iranian nuclear weapon development sites ratcheted sharply upward even after weeks of admonitions that Iran could respond to ongoing missile strikes with virtual assaults.

HackerNews 编译，转载请注明出处： 美国国土安全部（DHS）上周末警告称，伊朗支持的黑客组织及亲伊朗黑客活动分子构成的网络攻击风险正在升级。该预警通过周日的“国家恐怖主义预警系统公告”发布，指出伊朗冲突导致美国本土进入“威胁加剧环境”，可能面临针对美国网络的“低级别”网络攻击。 公告明确表示：“若伊朗领导人发布宗教指令，号召对本土目标实施报复性暴力行动，美国境内暴力极端分子独立动员发动袭击的可能性将显著增加。”同时强调：“近期多起本土恐怖袭击均由反犹太或反以色列情绪驱动，持续的以伊冲突可能刺激美国境内个体策划更多攻击。” 在公告中，DHS还警示需警惕黑客活动分子与伊朗政府关联黑客协同实施的网络攻击，此类攻击曾针对安全防护薄弱的美方网络。此前10月，美国、加拿大和澳大利亚当局联合通报，伊朗黑客正充当初始访问代理，通过暴力破解、密码喷洒及多重验证疲劳攻击（又称推送轰炸攻击）入侵医疗、政府、信息技术、工程和能源领域机构。 在8月发布的另一份通报中，美国网络安全和基础设施安全局（CISA）、联邦调查局（FBI）及国防部网络犯罪中心（DC3）曾警告需防范代号Br0k3r（亦称Pioneer Kitten、Fox Kitten等）的伊朗黑客组织。该组织被认定为受国家支持，通过向勒索软件团伙出售入侵网络初始访问权限并参与利润分成牟利。 尽管DHS未在公告中明示，此次预警很可能与美军最新行动直接相关：6月21日，美军对伊朗福尔多、纳坦兹和伊斯法罕三处核心核设施发动空袭，美国总统特朗普称此次行动为“军事胜利”，并警告若德黑兰拒绝和谈将面临“更大规模打击”。此次军事行动引发网络空间连锁反应——亲伊朗黑客组织“313小组”为此对特朗普的“真相社交”（Truth Social）平台发动分布式拒绝服务攻击（DDoS）致其瘫痪。而此前一周（6月13日），以色列刚袭击过伊朗多个核设施与军事目标。伊朗外长阿拉格齐回应此次袭击时警告将产生“永久性后果”，并表示“伊朗保留捍卫主权、利益及人民的一切选项”。       消息来源： bleepingcomputer； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability, which was classified as critical, has been found in Apache Struts up to 2.0.33/2.5.10. This issue affects some unknown processing of the component Freemarker Tag Handler. The manipulation leads to improper input validation. The identification of this vulnerability is CVE-2017-12611. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Penny Auction Factory 2.0.4 on Joomla and classified as critical. This vulnerability affects unknown code. The manipulation of the argument filter_order_Dir/filter_order as part of Parameter leads to sql injection. This vulnerability was named CVE-2018-17378. The attack can be initiated remotely. Furthermore, there is an exploit available.

HackerNews 编译，转载请注明出处： 谷歌披露了其生成式人工智能（AI）系统为应对间接提示注入等新型攻击向量而采取的多层安全措施，旨在提升代理型AI系统的整体安全防护能力。谷歌生成式AI安全团队表示：“与攻击者直接向提示输入恶意指令的直接提示注入不同，间接提示注入通过外部数据源嵌入隐藏的恶意指令。”这些外部数据源包括电子邮件、文档甚至日历邀请，可诱骗AI系统泄露敏感数据或执行其他恶意操作。 谷歌表示已实施“分层”防御策略，通过增加攻击难度、成本和复杂性来保护系统。相关措施涵盖模型加固、专用机器学习（ML）恶意指令检测模型及系统级防护机制。作为旗舰生成式AI模型的Gemini还内置了多重防护功能，包括： 提示注入分类器：过滤恶意指令以生成安全响应。 安全思维强化技术：在非信任数据（如邮件）中插入特殊标记（称为”聚光灯”技术），引导模型规避对抗性指令。 Markdown消毒与可疑URL屏蔽：利用谷歌安全浏览服务移除潜在恶意URL，并通过Markdown消毒器阻止外部图片URL渲染，防范EchoLeak等漏洞。 用户确认框架：高风险操作需经用户二次确认。 终端安全警报：向用户提示注入攻击风险。 谷歌指出，恶意攻击者正通过自适应攻击（ART）动态调整策略以绕过防御，使基础防护失效。谷歌DeepMind上月强调：“间接提示注入构成真实威胁，AI模型难以区分真实指令与数据中嵌入的操纵性命令。”对此，谷歌主张构建深度防御体系——从模型原生攻击识别、应用层防护到底层基础设施硬件防御的全栈防护。 与此同时，最新研究揭示多种绕过大语言模型（LLM）安全防护的技术：字符注入(character injections)通过干扰模型对提示上下文的解读，利用其对学习特征的过度依赖突破防护；Anthropic、谷歌DeepMind、苏黎世联邦理工学院及卡内基梅隆大学的联合研究发现，LLM未来可能成为新型攻击工具——不仅能高精度窃取密码信用卡，还可设计多态恶意软件并实施精准定向攻击。研究显示，LLM能开辟新型攻击路径：利用多模态能力提取个人身份信息，分析受控环境中的网络设备，并生成高度逼真的钓鱼网页。不过研究也指出，LLM尚缺乏发掘主流软件零日漏洞的能力，仅可自动化检测未审计程序的简单漏洞。 根据Dreadnode的AIRTBench基准测试，Anthropic、谷歌和OpenAI的前沿模型在AI夺旗赛（CTF）中表现优于开源模型——擅长提示注入攻击，但在系统渗透和模型反演任务中仍有不足。研究人员指出：“模型在特定漏洞类型（如提示注入）上有效，但在其他领域（如模型反演）进展不均。值得注意的是，AI代理效率优势显著：分钟级解决人类需数小时完成的挑战，且成功率相当，预示其在安全领域的变革潜力。” Anthropic上周发布的压力测试进一步揭示风险：测试中16个主流AI模型表现出恶意内部行为倾向，包括通过勒索及向竞争对手泄露敏感信息避免被取代。Anthropic称：“通常拒绝有害请求的模型，在目标驱动下会选择协助商业间谍活动甚至采取极端行为。”并将此现象定义为代理错位(agentic misalignment)。该行为模式表明，即使内置多重防护，LLM在高风险场景仍可能规避防护机制，持续选择“造成伤害而非任务失败”。但研究强调，现实中尚未出现此类代理错位案例。研究人员警示：“三年前的模型无法完成本文所述任务，而三年后模型若被滥用可能具备更强危害能力。当前亟需深入研究威胁演变、开发更强防御体系，并推动语言模型的防御应用。”       消息来源： thehackernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability was found in Soundset Com Soundset 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Sound. The manipulation of the argument cat_id leads to sql injection. This vulnerability is handled as CVE-2009-3644. The attack may be launched remotely. Furthermore, there is an exploit available.

旺刺组织挖掘了某邮件平台网页版的XSS 0day漏洞，通过该漏洞触发CilckOnce，实现打开钓鱼邮件时自动弹出钓鱼框，提高钓鱼攻击成功率。此外其背后的情报机构除了拥有大量win平台0day外，还掌握着大量国产软件未公开的内部接口

本文介绍用 Go 语言 CGO 实现 ELF 加载器的方法，以 emp3r0r 项目为例，讲解借助 Zig 编译器交叉编译，调用 C 语言代码实现 ELF 文件内存加载与执行，提升红队工具功能，同时需注意编译兼容性。

雷军回复称：「我们没有计划造油车。」今日晚间，「微信语音 丑」话题登顶微博热搜；雷军宣布，6 月 26 日的小米人车家全生态发布会上，还将有一款「面向下一个时代的个人智能设备」。

A vulnerability, which was classified as critical, has been found in Silicon Labs Z-Wave Series 500 6.84.0. Affected by this issue is some unknown functionality. The manipulation leads to permission issues. This vulnerability is handled as CVE-2024-50931. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability classified as critical has been found in JEPAAS 7.2.8. Affected is an unknown function of the file /je/rbac/rbac/loadLoginCount of the component Query Handler. The manipulation of the argument dateVal leads to sql injection. This vulnerability is traded as CVE-2024-51165. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Jenkins. Affected is an unknown function. The manipulation leads to open redirect. This vulnerability is traded as CVE-2025-27625. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in timescale pgai. It has been classified as problematic. This affects an unknown part. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2025-52467. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, has been found in OpenListTeam OpenList up to 4.0.0-rc.3. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2025-50183. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in LabRedesCefetRJ WeGIA up to 3.4.1 and classified as very critical. Affected by this vulnerability is an unknown functionality of the file /html/configuracao/debug_info.php. The manipulation of the argument branch leads to os command injection. This vulnerability is known as CVE-2025-50201. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Versa Director up to 22.1.4 and classified as very critical. This vulnerability affects unknown code. The manipulation leads to use of default credentials. This vulnerability was named CVE-2025-24288. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.