Aggregator

China-Aligned Attackers Use ShadowPad, IOX Proxy, and WMIC in Multi-Stage Espionage Campaign

Cyber Security News
16 hours 21 minutes ago

A China-aligned threat group has been carrying out a carefully planned espionage campaign against government agencies and critical infrastructure across Asia. The group, tracked under the temporary designation SHADOW-EARTH-053, has been active since at least December 2024, quietly targeting organizations in at least eight countries. The campaign uses a combination of malware tools and living-off-the-land […]

The post China-Aligned Attackers Use ShadowPad, IOX Proxy, and WMIC in Multi-Stage Espionage Campaign appeared first on Cyber Security News.

Tushar Subhra Dutta

interactive-process-mcp:让 AI Agent 拥有交互式终端能力

先知技术社区
16 hours 24 minutes ago
当我们在终端里工作时,大量操作本质上是多轮交互的过程——SSH 登录服务器需要先输入密码,再执行命令;Python REPL 中逐行调试代码,每一步都依赖上一步的结果;交互式安装程序不时弹出 [Y/n] 提示等待回应。这些场景对人类来说稀松平常,但对于 AI Agent 而言却是一道难题:它们原生只能执行一次性命令,运行完毕立刻返回结果,无法在多个对话轮次中持续地读写同一个进程。 intera

CVE-2026-7585 | Open5GS up to 2.7.7 AMF /src/amf/nudm-handler.c amf_nudm_sdm_handle_provisioned denial of service (Issue 4403)

VulDB Recent Entries
16 hours 26 minutes ago
A vulnerability was found in Open5GS up to 2.7.7 and classified as problematic. The impacted element is the function amf_nudm_sdm_handle_provisioned of the file /src/amf/nudm-handler.c of the component AMF. Executing a manipulation can lead to denial of service. This vulnerability is tracked as CVE-2026-7585. The attack can be launched remotely. Moreover, an exploit is present. The project was informed of the problem early through an issue report but has not responded yet.
vuldb.com

我做了一个用自然语言挖漏洞的 AI 渗透工具:VulnClaw

先知技术社区
16 hours 36 minutes ago
记得以前做渗透,信息收集要开一堆工具,漏洞利用要自己找 POC,报告写完一天没了。 最近写了一个 CLI 工具 VulnClaw,把这个流程串起来了: 自然语言输入 → AI 理解意图 → MCP 工具链 → 全自动渗透 → 自动出报告。 GitHub 开源,MIT 协议,欢迎试用。

CVE-2026-42996 | JS8Call-improved up to 2.3.1 APRSISClient.cpp grid2deg stack-based overflow (GHSA-98hp-pjp7-w62x)

VulDB Recent Entries
16 hours 37 minutes ago
A vulnerability has been found in JS8Call-improved up to 2.3.1 and classified as critical. The affected element is the function grid2deg of the file APRSISClient.cpp. Performing a manipulation results in stack-based buffer overflow. This vulnerability is identified as CVE-2026-42996. The attack can be initiated remotely. There is not any exploit available. The affected component should be upgraded.
vuldb.com

CVE-2026-7584 | Zurich Instruments LabOne Q up to 26.1.1/26.4.0b5 File deserialization

VulDB Recent Entries
16 hours 38 minutes ago
A vulnerability, which was classified as critical, was found in Zurich Instruments LabOne Q up to 26.1.1/26.4.0b5. Impacted is an unknown function of the component File Handler. Such manipulation leads to deserialization. This vulnerability is referenced as CVE-2026-7584. It is possible to launch the attack remotely. No exploit is available. You should upgrade the affected component.
vuldb.com

SLH

Dark Feed IO
17 hours 11 minutes ago

You must login to view this content

cohenido

SLH

Dark Feed IO
17 hours 11 minutes ago

You must login to view this content

cohenido

Managed ad