Aggregator

文章探讨了身份安全如何应对日益复杂的威胁环境，特别是恶意行为者利用生成式 AI 进行社会工程攻击的问题。专家 Brett Winterford 分享了 Okta 威胁情报团队的研究成果，并提供了加强防御的建议。此外，文章还讨论了 AI 在应用开发和网络安全中的角色及其带来的挑战与机遇。

Microsoft is calling attention to a new phishing campaign primarily aimed at U.S.-based organizations that has likely utilized code generated using large language models (LLMs) to obfuscate payloads and evade security defenses. "Appearing to be aided by a large language model (LLM), the activity obfuscated its behavior within an SVG file, leveraging business terminology and a synthetic structure

微软发现针对美国组织的新网络钓鱼活动，利用大语言模型生成的代码隐藏恶意软件并逃避安全防御。攻击者通过伪装成PDF的SVG文件发送钓鱼邮件，并使用自地址策略隐藏真实目标。SVG文件嵌入JavaScript重定向至钓鱼页面以窃取凭证。

A vulnerability was found in Adobe Acrobat Reader up to 2015.006.30498/2017.011.30143/2019.012.20035 and classified as critical. This affects an unknown function. The manipulation results in memory corruption. This vulnerability is cataloged as CVE-2019-8049. The attack may be launched remotely. Furthermore, there is an exploit available. It is suggested to upgrade the affected component.

A vulnerability marked as critical has been reported in Adobe Acrobat Reader up to 2015.006.30498/2017.011.30143/2019.012.20035. The affected element is an unknown function. This manipulation causes out-of-bounds write. The identification of this vulnerability is CVE-2019-8016. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in Adobe Acrobat Reader up to 2015.006.30498/2017.011.30143/2019.012.20035. It has been rated as critical. Affected by this vulnerability is an unknown functionality. Performing manipulation results in double free. This vulnerability is reported as CVE-2019-8044. The attack is possible to be carried out remotely. Moreover, an exploit is present. Upgrading the affected component is advised.

A vulnerability classified as critical was found in Adobe Acrobat Reader up to 2015.006.30498/2017.011.30143/2019.012.20035. The impacted element is an unknown function. Executing manipulation can lead to null pointer dereference. The identification of this vulnerability is CVE-2019-8045. The attack may be launched remotely. Furthermore, there is an exploit available. Upgrading the affected component is advised.

A vulnerability, which was classified as critical, was found in Adobe Acrobat Reader up to 2015.006.30505/2017.011.30152/2019.021.20056. Affected by this vulnerability is an unknown functionality. Such manipulation leads to out-of-bounds write. This vulnerability is referenced as CVE-2019-16451. It is possible to launch the attack remotely. Furthermore, an exploit is available. You should upgrade the affected component.

A vulnerability classified as critical has been found in Adobe Acrobat Reader up to 2015.006.30498/2017.011.30143/2019.012.20035. The affected element is an unknown function. Performing manipulation results in null pointer dereference. This vulnerability was named CVE-2019-8017. The attack may be initiated remotely. In addition, an exploit is available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in HPE Intelligent Management Center PLAT up to 7.3 E0506P09. This affects an unknown part. Such manipulation leads to information disclosure. This vulnerability is traded as CVE-2019-5392. The attack may be launched remotely. Furthermore, there is an exploit available. Upgrading the affected component is advised.

A vulnerability identified as critical has been detected in Apple watchOS up to 5.2.1. Impacted is an unknown function of the component Digital Touch. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2019-8624. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. You should upgrade the affected component.

Department store Harrods has notified e-commerce customers of a major data breach

Cybersecurity researchers have discovered what has been described as the first-ever instance of a malicious Model Context Protocol (MCP) server spotted in the wild, raising software supply chain risks. According to Koi Security, a legitimate-looking developer managed to slip in rogue code within an npm package called "postmark-mcp" that copied an official Postmark Labs library of the same name.

研究人员发现首个真实的恶意Model Context Protocol (MCP) 服务器案例。攻击者通过伪装成合法npm包"postmark-mcp"植入恶意代码，在版本1.0.16中添加了一行代码将所有发送的邮件BCC至攻击者邮箱。该恶意行为暴露了大量敏感通信内容。

Ваш сисадмин случайно пустил хакеров внутрь.

A critical vulnerability in the open source Formbricks experience management toolbox allows attackers to reset any user’s password without authorization. Published three days ago as advisory GHSA-7229-q9pv-j6p4 by maintainer mattinannt, the flaw stems from missing JWT signature verification in Formbricks versions before 4.0.1. If an attacker learns a valid user’s internal identifier, they can forge a token […]

The post Formbricks Signature Verification Flaw Lets Attackers Reset User Passwords appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybercriminals expand malvertising campaigns from Facebook to Google Ads and YouTube, hijacking accounts to distribute crypto-stealing malware targeting financial platform users worldwide. A sophisticated malvertising campaign that initially targeted Facebook users with fake TradingView Premium offers has significantly expanded its reach, now infiltrating Google Ads and YouTube to distribute advanced cryptocurrency-stealing malware. Bitdefender researchers, who […]

The post Cybercriminals Exploit Facebook and Google Ads as Tools for Stealing Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

文章探讨了认知高但执行力不足导致的精神内耗问题，分析了拖延症的本质是对不确定性的恐惧，并提出了八个「不要做的事」以帮助读者识别和避免常见的拖延诱因。作者强调执行力的重要性，并鼓励读者通过设定明确目标、拆解任务、管理时间和接受偶尔摆烂的正常性来提升行动力。

A critical security flaw discovered in Formbricks, an open-source experience management platform, demonstrates how missing JWT signature verification can lead to complete account takeovers.  The vulnerability tracked as CVE-2025-59934 affects all versions prior to 4.0.1 and stems from improper token validation that uses jwt.decode() instead of jwt.verify(), allowing attackers to bypass authentication controls entirely. The […]

The post Formbricks Signature Verification Vulnerability Let Attackers Reset User Passwords Without Authorization appeared first on Cyber Security News.

A vulnerability was found in Red Hat Enterprise Linux 7/8/9. It has been declared as problematic. The impacted element is an unknown function of the file /etc/shadow of the component PAM. The manipulation results in information disclosure. This vulnerability is cataloged as CVE-2024-10041. The attack must be initiated from a local position. There is no exploit available.