测试环境正常,一上线就出问题:很多答案藏在Windows内核里
Hook、注入、监控、拦截:Windows内核攻防能力怎么系统学?
Aggregator
测试环境正常,一上线就出问题:很多答案藏在Windows内核里
9 hours 46 minutes ago
环境异常 当前环境异常,完成验证后即可继续访问。 去验证
Frida源码分析之Hook原理篇
9 hours 46 minutes ago
环境异常 当前环境异常,完成验证后即可继续访问。 去验证
Breach of Confidence 1 May 2026
9 hours 47 minutes ago
The post Breach of Confidence 1 May 2026 appeared first on Javvad Malik.I’ve been thinking abo
Breach of Confidence 1 May 2026
9 hours 47 minutes ago
I’ve been thinking about coal mines. How you dig a hole in the earth, extract everything val
从签名绕过到密钥伪造——JWT认证机制的五条攻击路径
9 hours 50 minutes ago
一次简单的小实验,文末有项目附件,欢迎交流!
Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks
9 hours 50 minutes ago
The U.S. Department of Justice (DoJ) on Thursday announced the sentencing of two cybersecurity professionals to four years each in prison for their role in facilitating BlackCat ransomware attacks in 2023.
Ryan Goldberg, 40, of Georgia, and Kevin Martin, 36, of Texas, were accused of deploying the ransomware against multiple victims located throughout the U.S. between April and December 2023.
The Hacker News
Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks
9 hours 50 minutes ago
Data Breach / Law EnforcementThe U.S. Department of Justice (DoJ) on Thursday announced the senten
Spring Boot CloudFoundry Actuator 认证绕过漏洞 CVE-2026-22733
9 hours 52 minutes ago
Spring Boot CloudFoundry Actuator 认证绕过漏洞 CVE-2026-22733
NCTF2026-PWN方向详解(全)
9 hours 53 minutes ago
有基于vfs的栈,一次性的非栈上格式化,2.39的offbynull,以及24字节的shellcode的IOT
近期ActiveMQ Jolokia的两个漏洞以及部分历史漏洞分析
9 hours 54 minutes ago
最近ActiveMQ出了两个有关Jolokia的新漏洞,之前都没看过ActiveMQ,借此机会分析一下,顺带把之前的几个重点漏洞也简单分析一遍。
【AI赋能】六阶段AI流水线赋能APP安全分析实战
9 hours 56 minutes ago
面向移动安全分析场景的 6 阶段总控 Skill。用于统一调度 APK 静态侦察、流量与代码对齐、SO/JNI 深度分析、加密与漏洞综合分析、验证设计与报告交付流程。
Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft
10 hours 3 minutes ago
A new software supply chain attack campaign has been observed using sleeper packages as a conduit to subsequently push malicious payloads that enabled credential theft, GitHub Actions tampering, and SSH persistence.
The activity has been attributed to the GitHub account "BufferZoneCorp," which has published a set of repositories that are associated with malicious Ruby gems and Go modules. As of
The Hacker News
Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft
10 hours 3 minutes ago
Supply Chain Attack / MalwareA new software supply chain attack campaign has been observed using s
Weekly Threat Landscape Digest – Week 18
10 hours 5 minutes ago
Week 18 highlighted an active and evolving cyber threat landscape with widespread exploitation of critical vulnerabilities across enterprise systems, browsers, […]
The post Weekly Threat Landscape Digest – Week 18 appeared first on HawkEye.
Ben O
【AI安全】OpenClaw多阶段网页诱导绕过防护的RCE攻击
10 hours 6 minutes ago
OpenClaw作为最近爆火的AI应用,其设计者已深刻意识到了外部攻击面的风险,并构建了多层的静态防护机制,但当攻击者利用长上下文的认知负载和任务导向性等手段逐步诱导AI忽略安全边界时,AI 似乎难以始终守住边界,最终仍可能执行恶意命令。
AI代码审计工作流实现-从想法到实现自动化日入CVE50+、CNVD若干
10 hours 11 minutes ago
AI代码审计工作流实现-从想法到实现自动化日入CVE50+、CNVD若干
2026阿里白帽大会 - Agent安全(智能体时代的攻防新范式)
10 hours 12 minutes ago
2026阿里白帽大会 - Agent安全(智能体时代的攻防新范式)
2026DCIC数字中国创新大赛网安赛道初赛部分题解
10 hours 12 minutes ago
比赛部分题解
新春杯2026web方向(除java)+域渗透wp
10 hours 14 minutes ago
2026新春杯web方向除java题以外加域渗透wp