Aggregator

本文系统地介绍了在渗透测试与内网攻防中至关重要的 Linux 提权技术。先阐述了权限划分的基本原理，包括用户与用户组、文件权限、特殊权限（SUID、SGID、SBIT）等核心概念；然后通过自动化工具与手动命令详细说明了信息收集阶段的关键操作，如系统版本、用户信息、明文密码及 SSH 密钥的获取方式。文章重点介绍了几类常见提权手法，包括内核漏洞利用、/etc/passwd 伪造、Docker 容器逃

Антивирус спокоен, SSL блестит. А в системе уже работает вредонос, сгенерированный ИИ.

Sandisk U盘附带免费加密软件PrivateAccess，支持Windows和macOS双系统。用户可通过创建密码保护敏感文件或隐藏空间，并可预览和编辑加密文件。软件小巧便携，适合需要简单加密需求的用户。

介绍了TensorFlow中的`tf.GradientTape` API的高级功能，包括控制梯度记录、自定义梯度、多带操作和高阶导数计算等，适用于复杂模型的优化和调试。

这是一个开放的黑客社区，旨在帮助新手成长为资深黑客。用户可以提问、解答并学习地下技术。社区提供Discord链接供进一步交流。

A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an "active, large-scale" exploitation campaign. The zero-day flaw, tracked as CVE-2025-53770 (CVSS score: 9.8), has been described as a variant of CVE-2025-49704 (CVSS score: 8.8), a code injection and remote code execution bug in Microsoft SharePoint Server that was addressed by the tech giant as

微软SharePoint Server存在严重零日漏洞（CVE-2025-53770），CVSS评分9.8，允许攻击者远程执行代码。该漏洞被用于大规模网络攻击，微软正在开发修复补丁，并建议用户启用反恶意软件扫描接口（AMSI）以缓解风险。

非工具一键获取，详细分析其流程，并提供Tomcat回显链新实现

A vulnerability was found in Rails Thor up to 1.3.x. It has been declared as critical. This vulnerability affects unknown code of the component Shell Command Handler. The manipulation leads to os command injection. This vulnerability was named CVE-2025-54314. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

Cybersecurity researchers have alerted to a supply chain attack that has targeted popular npm packages via a phishing campaign designed to steal the project maintainers' npm tokens. The captured tokens were then used to publish malicious versions of the packages directly to the registry without any source code commits or pull requests on their respective GitHub repositories. The list of affected

文章描述了针对npm包的供应链攻击事件，攻击者通过钓鱼邮件获取项目维护者的令牌，发布恶意版本以窃取信息或执行远程代码。同时，抗议软件被上传至npm，影响特定网站。此外，Arch Linux移除了包含远程访问木马的AUR包。

A vulnerability was found in Microsoft SharePoint Enterprise Server 2016/2019/Subscription Edition. It has been classified as very critical. This affects an unknown part. The manipulation leads to deserialization. This vulnerability is uniquely identified as CVE-2025-53770. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Биткойн подрос? Тогда хакеры уже на полпути к вашему MetaMask.

这个夏天名师执教、 舒适食宿 、创新课程 、探索前沿，InForSec夏令营等你一起开启一场AI安全的邂逅

A vulnerability has been found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this vulnerability is the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component Telnet Service. The manipulation of the argument telnet_enabled with the input 1 leads to missing authentication. This vulnerability is known as CVE-2025-7862. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.

A vulnerability was found in thinkgem JeeSite up to 5.12.0 and classified as problematic. Affected by this issue is the function redirectUrl of the file src/main/java/com/jeesite/common/web/http/ServletUtils.java. The manipulation of the argument url leads to open redirect. This vulnerability is handled as CVE-2025-7863. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in thinkgem JeeSite up to 5.12.0. It has been classified as critical. This affects the function Upload of the file src/main/java/com/jeesite/modules/file/web/FileUploadController.java. The manipulation leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2025-7864. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in thinkgem JeeSite up to 5.12.0. It has been declared as problematic. This vulnerability affects the function xssFilter of the file src/main/java/com/jeesite/common/codec/EncodeUtils.java of the component XSS Filter. The manipulation of the argument text leads to cross site scripting. This vulnerability was named CVE-2025-7865. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Portabilis i-Educar 2.9.0. It has been rated as problematic. This issue affects some unknown processing of the file /intranet/educar_deficiencia_lst.php of the component Disabilities Module. The manipulation of the argument Deficiência ou Transtorno leads to cross site scripting. The identification of this vulnerability is CVE-2025-7866. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability classified as problematic has been found in Portabilis i-Educar 2.9.0. Affected is an unknown function of the file /intranet/agenda.php of the component Agenda Module. The manipulation of the argument novo_titulo leads to cross site scripting. This vulnerability is traded as CVE-2025-7867. It is possible to launch the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.