Aggregator

A vulnerability was found in TryGhost Ghost. It has been rated as problematic. This affects an unknown part of the component Portal. This manipulation causes cross site scripting. This vulnerability is tracked as CVE-2026-24778. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is advised.

A vulnerability described as problematic has been identified in wolfSSL up to 5.6.4. This impacts an unknown function of the component Elliptic Curve Handler. Such manipulation leads to information exposure through discrepancy. This vulnerability is documented as CVE-2024-1544. The attack needs to be performed locally. There is not any exploit available.

A vulnerability identified as problematic has been detected in wolfSSL up to 5.6.6 on Linux/Windows. Affected is the function RsaPrivateDecryption of the file wolfssl/wolfcrypt/src/rsa.c of the component wolfCrypt. This manipulation causes improper restriction of software interfaces to hardware features. This vulnerability is tracked as CVE-2024-1545. The attack is possible to be carried out remotely. No exploit exists. You should upgrade the affected component.

A vulnerability labeled as problematic has been found in script3 soroban-fixed-point-math 1.3.0/1.4.0. Impacted is the function fixed_div_floor/fixed_div_ceil. Executing a manipulation can lead to incorrect calculation. This vulnerability is registered as CVE-2026-24783. It is possible to launch the attack remotely. No exploit is available. The affected component should be upgraded.

A vulnerability classified as critical has been found in OpenSSL up to 3.0.18/3.3.5/3.4.3/3.5.4/3.6.0. This vulnerability affects unknown code of the component AuthEnvelopedData Message Handler. This manipulation causes out-of-bounds write. This vulnerability is tracked as CVE-2025-15467. The attack is possible to be carried out remotely. No exploit exists. It is recommended to upgrade the affected component.

Agent Skills作为连接大语言模型与现实世界的桥梁，正在重塑人机交互范式。其可插拔、可组合、可执行的特性赋予了Agent强大的能力，但也创造了前所未有的攻击面。本文系统性地分析了Agent Skills面临的三重脆弱性：执行边界模糊、输入输出不可预测、数据流复杂性，并从提示注入、代码注入、SSRF、供应链投毒等多个维度剖析了攻击向量,并原创性提出Skills安全风险评估框架概念，提供了可审

某次高规格红队攻防演练，团队已在渗透阶段捕获一批明文密码，但始终无法拿到管理人员的用户名来突破网络边界，内网主机均部署了杀软常规横向手段无异于自投罗网。

以 CVE-2020-0668 为例，分析 Windows 服务因 LoadLibraryEx 调用不规范导致的 DLL 劫持漏洞。

顺便学习一下过时的ret2usr以及heapoverflow

AI agents are now executing regulated actions, reshaping how compliance controls actually work. Token Security explains why CISOs must rethink identity, access, and auditability as AI becomes a digital employee. [...]

信息收集端口扫描使用nmap进行端口探测，发现存在22、80、8761端口开放。使用nmap探测具体协议。发现是一台 Ubuntu 20.04 focalweb页面访问web站点发现serveices里面存在很多商品。发现访问不存在的接口，发现存在spring的报错页面。目录扫描使用工具对其进行目录爆破。发现存在heap dump泄露。下载之后进行分析。Heapdump分析手动分析使用vm虚拟机进

该漏洞成因是使用createFileSessionStorage()函数存储用户凭证，并且在会话存储配置中未提供secrets参数，导致攻击者可以利用这一特性写入/覆盖任意文件

State-sponsored hackers and financially motivated attackers continue leveraging a critical WinRAR vulnerability (CVE-2025-8088) that’s been fixed over half a year ago. CVE-2025-8088 is a path traversal vulnerability that can be exploited via maliciously crafted RAR archives. “The exploit chain often involves concealing the malicious file within the ADS of a decoy file inside the archive. While the user typically views a decoy document (such as a PDF) within the archive, there are also malicious ADS … More →

The post WinRAR vulnerability still a go-to tool for hackers, Mandiant warns appeared first on Help Net Security.

发现Cordys CRM v1.4.1存在可控SQL注入及三处SSRF漏洞，均源于用户输入未校验导致的远程命令/请求执行。

漏洞介绍Laravel Reverb 为 Laravel 应用提供实时 WebSocket 通信后端。在 1.6.3 及更早版本中，Reverb 将来自 Redis 通道的数据直接传递给 PHP 的 unserialize() 函数，且未对可实例化的类进行限制，导致用户面临远程代码执行风险。由于 Redis 服务通常部署时未启用身份验证，此漏洞的可利用性进一步增加，但仅影响启用了水平扩展的 Lar

AI 安全不再是“调戏”聊天机器人的游戏。当企业的 GPU 集群开始裸奔，当开源模型变成潜伏的 Shellcode，攻防的维度已被彻底降维。 本文带你复盘 2026 年最流行的 AI 基础设施漏洞：

某次红队演练，在针对核心业务系统发起渗透测试时，通过代码审计拿到 Gin 架构下的 SQL 注入漏洞，但实际挖掘却无法进一步提取出可利用的数据。团队投入近一个月时间，围绕 PostgreSQL 的内核机制、权限模型、数据存储方式展开专项研究，最终在受限的环境下，构造了一条攻击链，实现了从一个无效的注入到 PostgreSQL 全域控制、权限提权并持久化 RCE 的完整突破。

APT32、shellcode实现驻留、shellcode化rust特马

分析SpeculativeDecoding和MoE推理加速机制如何将输入相关控制流外显为可观测元数据，导致提示词指纹识别、语义推断与路由泄露等新型侧信道攻击。

A vulnerability was found in D-Link DIR-615 up to 4.10. It has been classified as critical. This impacts an unknown function of the file /wiz_policy_3_machine.php of the component Web Management Interface. Performing a manipulation of the argument ipaddr results in os command injection. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is cataloged as CVE-2026-1448. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.