Aggregator

文章描述了错误代码521的原因及解决方法。该错误通常由Cloudflare引发，表示服务器无法连接到源站。可能的原因包括网络连接问题、DNS配置错误或源站服务器故障。建议检查网络连接、确认DNS设置正确，并联系主机提供商以解决问题。

HackerNews 编译，转载请注明出处： 移动安全研究人员发现一场大规模恶意活动，攻击者通过伪造的约会和社交应用窃取用户敏感数据。该行动被命名为“SarangTrap”，同时针对Android和iOS平台，利用超过250个恶意应用和80余个钓鱼域名实施攻击，韩国用户为主要目标。 安全公司Zimperium本周三发布的报告指出，该活动采用情感操纵策略：通过虚假用户资料、专属“邀请码”及仿真的应用界面诱骗受害者。这些应用伪装成合法服务，实则专门用于窃取用户联系人、私人照片、短信内容及设备标识符等数据。 攻击流程： 用户安装应用后，界面显示正常但会索要不必要的权限。输入攻击者提供的邀请码后，隐藏的间谍程序即被激活。获取权限后，应用将静默上传敏感数据至攻击者控制的服务器。 策略升级与跨平台特性 Zimperium实验室的最新分析显示，恶意软件策略持续演变： Android端：新样本已从清单文件中移除短信权限，但保留窃取短信的代码，表明攻击者正尝试规避安全扫描。 iOS端：改用恶意移动配置描述文件替代传统应用安装。用户授权后，攻击者无需应用即可获取联系人、照片及设备信息。 攻击基础设施 攻击者注册了88个独立域名，其中70余个用于分发恶意软件。至少25个域名被谷歌等搜索引擎收录，并通过“约会”“文件共享”等常见关键词提升排名，使钓鱼页面更具欺骗性。目前累计发现250余个Android恶意样本，部分样本甚至完全省略关键权限以躲避检测，但仍持续窃取数据。 技术与社会工程的结合 该活动将技术手段与社会工程深度融合。典型案例中，一名经历分手的男性用户被虚假约会资料诱导，通过钓鱼链接下载应用并输入邀请码后设备遭入侵。攻击者利用窃取的私密视频对其进行敲诈，威胁向家人公开内容。 Zimperium建议用户：警惕索要邀请码或非常规权限的应用，避免使用第三方应用商店，并定期检查设备配置描述文件与安全设置。 SarangTrap行动目前仍处于活跃进化状态，使得用户保持警惕变得尤为重要。       消息来源：infosecurity-magazine； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

生态的斗争

由于环境异常，请完成验证后继续访问。

A vulnerability, which was classified as critical, has been found in Oracle Hyperion Financial Reporting 11.2.20.0.000. Affected by this issue is some unknown functionality of the component Workspace. The manipulation leads to improper authorization. This vulnerability is handled as CVE-2025-50108. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Financial Services Analytical Applications Infrastructure 8.0.7.8/8.0.8.5/8.0.8.6/8.1.1.4/8.1.2.5. It has been classified as problematic. Affected is an unknown function. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2025-53031. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in CommScope Ruckus Unleashed. It has been declared as critical. Affected by this vulnerability is the function stamgr_cfg_adpt_addStaFavourite/stamgr_cfg_adpt_addStaIot of the file /admin/_conf.jsp of the component Authenticated Endpoint. The manipulation of the argument Hostname leads to format string. This vulnerability is known as CVE-2025-46121. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in cnhcit Haichang OA 1.0.0. It has been rated as critical. Affected by this issue is the function hcit.project.rte.agents.UploadImages.class. The manipulation of the argument if leads to sql injection. This vulnerability is handled as CVE-2024-32323. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in Mingyu Security Gateway and classified as critical. Affected by this vulnerability is an unknown functionality of the file /log/fw_security.mds. The manipulation of the argument log_type leads to command injection. This vulnerability is known as CVE-2023-47356. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in CommScope Ruckus Unleashed. This affects an unknown part of the file /admin/_conf.jsp of the component Configuration Endpoint. The manipulation leads to format string. This vulnerability is uniquely identified as CVE-2025-46123. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in OA EKP 16. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ui/sys_ui_extend/sysUiExtend.do. The manipulation leads to permission issues. This vulnerability is known as CVE-2023-41566. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in CADImage Plugin on IrfanView. It has been rated as critical. Affected by this issue is some unknown functionality of the component CGM File Parser. The manipulation leads to out-of-bounds write. This vulnerability is handled as CVE-2025-7234. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in AdGuard Plugin up to 1.11.21 on macOS. Affected by this vulnerability is an unknown functionality of the component URL Handler. The manipulation leads to sensitive information in log files. This vulnerability is known as CVE-2025-51497. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Island Lake WebBatch and classified as critical. Affected by this issue is some unknown functionality of the component URL Handler. The manipulation leads to code injection. This vulnerability is handled as CVE-2025-53867. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

2025-07-256 min readOn July 23, 2025, the White House unveiled its AI Action Plan (Plan), a signific

The White House AI Action Plan is a pivotal policy document outlining the current administration's priorities and deliverables in AI to establish American AI as the gold standard for AI worldwide.

文章解释了错误代码521的原因及其解决方法。

HackerNews 编译，转载请注明出处： 威胁组织EncryptHub（又名Larva-208）通过入侵Steam平台游戏《Chemia》，向不知情用户分发信息窃取类恶意软件。 近日，该黑客组织将恶意二进制文件植入由“Aether Forge Studios”开发的生存制作类游戏《Chemia》中。该游戏目前以“抢先体验”形式登陆Steam，尚未公布正式发行日期。 据威胁情报公司Prodaft分析，攻击始于7月22日。EncryptHub在游戏文件中添加了恶意软件HijackLoader（文件名CVKRUTNP.exe），该程序在受害设备上建立持久化机制，并下载信息窃取程序Vidar（文件名v9d9d.exe）。研究人员发现，恶意软件通过某Telegram频道获取命令与控制（C2）服务器地址。 三小时后，攻击者再次通过DLL文件（cclib.dll）植入第二款恶意软件Fickle Stealer。该文件利用PowerShell脚本（worker.ps1）从域名soft-gets[.]com获取主载荷。Fickle Stealer专门窃取浏览器存储数据，包括账户凭证、自动填充信息、Cookie及加密货币钱包数据。该恶意软件去年曾被EncryptHub用于大规模鱼叉式钓鱼攻击，导致全球超六百家组织沦陷。 此威胁组织在黑客领域行为特殊：既恶意利用Windows零日漏洞，又曾向微软负责任的披露关键漏洞。Prodaft在报告中指出：“被篡改的可执行文件对Steam用户显示为合法程序，这种攻击依赖平台信任而非传统欺骗手段，形成高效的社会工程陷阱。当用户在免费游戏中点击《Chemia》的‘测试版’时，实际下载的是恶意软件。” 恶意软件在后台静默运行，不影响游戏性能，玩家难以察觉异常。目前尚不清楚EncryptHub如何将恶意文件植入游戏项目，推测可能有内部人员协助。游戏开发商未在Steam页面或社交媒体发布任何声明。 截至发稿，《Chemia》仍可于Steam下载，无法确认最新版本是否已清除恶意代码。建议用户等待Steam官方公告前避免接触该游戏。 此为Steam平台2025年第三起恶意软件事件：此前3月《Sniper: Phantom’s Resolution》与2月《PirateFi》均曾中招。三款游戏均为“抢先体验”阶段作品，表明Steam对此类内容的审核机制可能存在疏漏。用户下载开发中游戏时需保持警惕。 本次攻击的入侵指标（IOC）已公开。       消息来源：bleepingcomputer； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability, which was classified as critical, has been found in Oracle Database Server up to 19.27/21.18/23.8. Affected by this issue is some unknown functionality of the component Materialized View Component. The manipulation leads to improper authorization. This vulnerability is handled as CVE-2025-50066. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Oracle BI Publisher 7.6.0.0.0/8.2.0.0.0/12.2.1.4.0 and classified as critical. This vulnerability affects unknown code of the component Web Server. The manipulation leads to improper authorization. This vulnerability was named CVE-2025-50060. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.