SecWiki News 2025-07-22 Review
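How to Accurately Trace and Attribute Attackers: PwC's Comparative Attribution Framework by ourren
AsyncRAT Analysis and Cyberspace Mapping by ourren
List of Key Projects in DARPA's 2026 Budget by ourren
National Natural Science Foundation of China 2024 Annual Report by ourren
White Paper on Key Challenges and Technical Innovations in the Internet Inter-Domain Routing System by ourren
For more of the latest articles, visit SecWiki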
Linen Typhoon, Violet Typhoon and Storm-2603 are behind the initial attack spree that erupted over the weekend. Other threat groups are now following suit.
The post Microsoft SharePoint zero-day attacks pinned on China-linked ‘Typhoon’ threat groups appeared first on CyberScoop.
APT39, a hacker collective connected to Iran’s Ministry of Intelligence and Security (MOIS), was exposed as operating through the compromised internal systems of the Iranian company Amnban, Sharif Advanced Technologies, in a significant cybersecurity incident. Launched in 2018 with credentials from Sharif University and Amir Kabir alumni, Amnban presented itself as a legitimate penetration testing […]
The post Iranian Hackers Target Global Airlines to Steal Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
As Microsoft puts the final patch in place, a growing number of hackers, including several China state-sponsored threat groups, are quickly pushing forward to exploit the security flaws that will allow them to compromise on-premises SharePoint servers to steal data and maintain persistence.
The post Microsoft Patches SharePoint Flaws as Hackers Rush to Exploit Them appeared first on Security Boulevard.
Hexagon ETQ’s Java-based quality management system, ETQ Reliance, has several serious flaws, according to a new security research revelation by Assetnote. The software, which facilitates document and form management with integrations like Microsoft Word macros and Jython scripting, has been found susceptible to exploits ranging from reflected cross-site scripting (XSS) to XML External Entity (XXE) […]
The post ETQ Reliance RCE Flaw Grants Full SYSTEM Access with a Single Space appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
As Microsoft continues to update its customer guidance for protecting on-prem SharePoint servers against the latest in-the-wild attacks, more security firms have begun sharing details about the ones they have detected. Most intriguingly, Check Point Research says that they observed the first exploitation attempts on July 7th, with the target being a major Western government. That date not only precedes the publication of the screenshot of the ToolShell exploit chain (CVE-2025-49706 + CVE-2025-49704) in action …
The post Microsoft pins on-prem SharePoint attacks on Chinese threat actors appeared first on Help Net Security.
The Cybersecurity and Infrastructure Security Agency (CISA), FBI, Department of Health and Human Services, and Multi-State Information Sharing and Analysis Center have issued an urgent joint advisory warning of escalating attacks by the Interlock ransomware group, which has been targeting businesses and critical infrastructure sectors since late September 2024. The newly emerged Interlock variant represents […]
The post CISA Warns of Interlock Ransomware With Double Extortion Tactics Attacking Windows and Linux Systems appeared first on Cyber Security News.