Aggregator

Law enforcement agencies across Europe and North America have arrested five individuals linked to the Smokeloader botnet service as part of Operation Endgame’s second phase.  This follow-up action, conducted in early April 2025, specifically targeted the “customers” of the notorious pay-per-install malware service operated by a threat actor known as ‘Superstar’. Customers deployed malware for […]

The post Authorities Seized Smokeloader Malware Operators & Seized Servers appeared first on Cyber Security News.

这个漏洞比较老了，而且复现起来没有特别复杂，漏洞编号是`CVE-2017-17215`,`CVE-2017-17215`是`CheckPoint`团队披露的远程命令执行（`RCE`）漏洞，存在于华为`HG532`路由器中。

传统文件包含漏洞利用通常依赖攻击者上传恶意文件，或利用服务端临时文件（如session.upload_progress）实现代码执行。但PHP的Pear组件却打破了这一限制：当服务器满足register_argc_argv=On配置时，攻击者可通过精心构造的URL参数，将Web请求伪装成命令行参数，直接操纵pearcmd.php执行高危操作

PicHome是一款功能强大的开源网盘程序，它不仅能高效管理各类文件，还在图像和媒体文件管理方面表现出色。其亮点包括强大的文件共享功能和先进的AI辅助管理工具，为用户提供了便捷、智能的文件管理体验。

无限接近真实系统的靶机环境

A vulnerability was found in BoldGrid Easy SEO Plugin up to 1.6.13 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Meta Description Handler. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-1692. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Unlimited Elements for Elementor Plugin up to 1.5.96 on WordPress. This affects an unknown part of the component Widget Link. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-0367. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as problematic was found in Ultimate Addons for Beaver Builder Plugin up to 1.5.7 on WordPress. This vulnerability affects unknown code of the component Button Widget. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-2141. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Ecwid Ecommerce Shopping Cart Plugin up to 6.12.10 on WordPress and classified as problematic. Affected by this issue is some unknown functionality of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-2456. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in List Category Posts Plugin up to 0.89.6 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-1051. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Ultimate Addons for Beaver Builder Plugin up to 1.5.7 on WordPress. It has been rated as problematic. This issue affects some unknown processing of the component Image Separator Widget. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-2144. The attack may be initiated remotely. There is no exploit available.

Невидимые шпионы проникли в сердце финансовой системы крупнейшей экономики мира.

Fortinet has released patches for flaws affecting many of its products, among them a critical vulnerability (CVE-2024-48887) in its FortiSwitch appliances that could allow unauthenticated attackers to gain access to and administrative privileges on vulnerable devices. About CVE-2024-48887 Fortinet offers a range of FortiSwitch networking appliances, including access switches, distribution switches (for managing traffic), industrial/rugged switches, and core switches designed for data centers. Fortinet describes CVE-2024-48887 as an unverified password change vulnerability in the FortiSwitch … More →

The post FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887) appeared first on Help Net Security.

2025 数字中国创新大赛数字安全赛道数据安全产业积分争夺赛初赛题解

速修复

该攻击采取了双管齐下的方法：攻陷 CRM 和大批量的邮件提供商以及部署新型的“密币助记词”钓鱼攻击。

CTF

IPFire has announced the release of version 2.29 (Core Update 193), introducing significant enhancements to the Linux-based firewall distribution.  This update brings forward-thinking security features, including post-quantum cryptography support for IPsec tunnels and major toolchain upgrades that strengthen the system’s core infrastructure. Post-Quantum Cryptography Implementation The standout feature in IPFire 2.29 is the implementation of […]

The post Linux Firewall IPFire 2.29 Released With Support for Post-Quantum Cryptography & Core Updates appeared first on Cyber Security News.