Aggregator

当前环境出现异常情况,需完成验证后方可继续访问。

探讨普通EEPROM的数据恢复可能性，涉及写入次数、浮栅衰减、激光注入等方法，并讨论高温擦除的可靠性。

At first glance, it appeared to be a typical browser extension — a sleek interface, a simple and intuitive color-picking function, high user ratings, and hundreds of glowing reviews. Yet behind this seemingly benign...

The post RedDirection Campaign: 2.3 Million Users Hit by Malicious Chrome & Edge Extensions appeared first on Penetration Testing Tools.

Parrot Security OS 6.4 has been officially released, marking the final iteration of the sixth generation of this cybersecurity-focused Linux distribution. The development team has refreshed core components, introduced new tools, and begun preparations...

The post Parrot Security OS 6.4 Released: The Final 6.x Iteration with New Tools & Debian 13 Prep appeared first on Penetration Testing Tools.

音乐播放器项目 Amarok 释出了 v3.3 版，这是首个基于 KDE Frameworks 6 和 Qt 6 的版本。Amarok 3.3 大改了音频引擎，使用 GStreamer 而不是 Phonon 播放音频。主要变化包括：停止支持 Qt5/KF5，更新了数据库字符集允许完整的 utf-8 值；解决了 2038 年问题，等等。

As electric vehicles steadily weave themselves into the fabric of everyday life, the essential infrastructure that powers them—charging stations—faces a mounting and deeply concerning threat. A study by security researcher Brandon Perry reveals that...

The post EV Charging Under Attack: New Vulnerabilities Threaten Vehicles & Grids appeared first on Penetration Testing Tools.

iOS научилась распознавать наготу прямо во время разговора.

一次付费：终身学习 + 持续更新

微软修复 Windows 高危远程代码执行漏洞

看雪论坛作者ID：NSky99

当前网络环境出现异常，需完成验证后方可继续访问。

当前环境出现异常问题，需完成验证后方可继续访问。

当前环境出现异常状态，需完成验证后才能继续访问系统或相关内容。

On the second Tuesday of July, Microsoft released its customary Patch Tuesday update package, addressing 137 vulnerabilities across a range of the company’s products. Among them, a particularly notable zero-day vulnerability in Microsoft SQL...

The post Microsoft’s July Patch Tuesday: 137 Fixes & a Publicly Disclosed SQL Server Zero-Day appeared first on Penetration Testing Tools.

As of July 7, Android users began encountering an unexpected expansion in the capabilities of Gemini, the system-integrated artificial intelligence. It now has access to widely used apps such as WhatsApp, Messages, and Phone—even...

The post Android Privacy Alert: Google Gemini Now Accesses Your WhatsApp, Messages & Calls appeared first on Penetration Testing Tools.

这篇文章介绍了ClickFix技术作为一种社会工程学手段被用于网络攻击的情况。通过伪装成快速修复计算机问题的步骤，攻击者诱导用户执行恶意命令或下载恶意软件。文中分析了三种主要的ClickFix攻击活动：NetSupport远程访问木马（RAT）、Latrodectus恶意软件和Lumma Stealer窃取器，并详细描述了它们的传播方式和技术细节。此外，文章还提供了检测和防御ClickFix攻击的方法，并强调了提升员工安全意识的重要性。

According to a report by Morphisec, the Iranian threat group Pay2Key.I2P has intensified its operations amid escalating tensions in the Middle East. The group is now offering larger payouts to hacker affiliates who participate...

The post Iranian Ransomware Group Pay2Key.I2P Escalates Attacks on US & Israel appeared first on Penetration Testing Tools.

一位用户尝试通过Kali和Burp Suite对Instagram iOS应用进行离线暴力破解OTP的挑战。由于仅限于自己的设备发起会话请求，用户计划模拟请求并拦截后尝试本地破解。用户询问这种方法是否可行或是否为死胡同，并提到Instagram的限流机制和之前token hijacking未被重视的情况。

The seventh month is always a big one for Microsoft, and this year is no exception