Aggregator
ShellCode加载器 | 基于Go语言的shellcode加载器常见实现方式详解
CyberQP launches Zero Trust Helpdesk Security Platform
CyberQP has launched its Zero Trust Helpdesk Security Platform—combining QGuard for Privileged Access Management (PAM) and QDesk for End-User Access Management (EUAM). This unified solution helps IT teams reduce risk, improve efficiency, and eliminate standing privileges across the organization. A key innovation of the platform is End-User Elevation, which allows users to gain temporary admin access without persistent privileges. By automating approval processes and monitoring activity in real-time, CyberQP dramatically reduces attack surfaces while maintaining … More →
The post CyberQP launches Zero Trust Helpdesk Security Platform appeared first on Help Net Security.
CVE-2025-3163 | InternLM LMDeploy up to 0.7.1 lmdeploy/docs/en/conf.py open code injection (Issue 3254)
CVE-2025-3162 | InternLM LMDeploy up to 0.7.1 PT File utils.py load_weight_ckpt deserialization (Issue 3255)
Submit #542528: tencentmusic supersonic 0.9.8 Code Injection [Accepted]
Submit #542527: InternLM lmdeploy <=0.7.1 Code Injection [Accepted]
Submit #542520: InternLM lmdeploy <=0.7.1 Deserialization [Accepted]
CVE-2025-3161 | Tenda AC10 16.03.10.13 /goform/ShutdownSetAdd list stack-based overflow
Submit #542441: SourceCodester Gym Management System Project In PHP and MySQL Free Source Code V1.0 SQL Injection [Duplicate]
Medical Imaging Practice Notifying Patients of Recent Hack
An Arizona-based medical imaging practice with locations in 11 states is notifying patients that their data was compromised in a January cyberattack. Litigation filed against the company allege ransomware gang Medusa stole sensitive data pertaining to at least 132,000 people in the incident.
North Korean IT Scammers Targeting European Companies
North Koreans posing as remote IT workers have spread to Europe, where one Pyongyang fraudster assumed at least 12 personas to target companies in Germany, Portugal and the United Kingdom. Western companies have grappled for years with the prospect of unintentionally hiring a North Korean national.
Cyberhaven's $100M Raise Targets Gen AI, DSPM Capabilities
Cyberhaven is building a data security platform to address evolving risks in generative AI, DSPM and beyond. Backed by $100 million, CEO Howard Ting says the firm will use the funds to expand its portfolio and go-to-market footprint while staying independent.
Experts Warn Congress Another Salt Typhoon Attack Is Coming
Experts told lawmakers on Wednesday that without urgent federal action to strengthen cyber defenses and additional efforts to improve the cybersecurity practices of some of the highest ranking government officials, another Salt Typhoon attack could be just around the corner.
Defense in Depth is Broken – It’s Time to Rethink Cybersecurity
Breaking down why traditional defense-in-depth strategies fail and what security teams must do to truly outsmart attackers.
The post Defense in Depth is Broken – It’s Time to Rethink Cybersecurity appeared first on Security Boulevard.
CVE-2025-3160 | Open Asset Import Library Assimp 5.4.3 File SceneCombiner.cpp AddNodeHashes out-of-bounds (Issue 6025)
CVE-2025-3159 | Open Asset Import Library Assimp 5.4.3 ASE File ASEParser.cpp ParseLV4MeshBonesVertices heap-based overflow (Issue 6024)
CVE-2025-3158 | Open Asset Import Library Assimp 5.4.3 LWO File LWOAnimation.cpp UpdateAnimRangeSetup heap-based overflow (Issue 6023)
Submit #542437: Shenzhen Tenda Technology Co., Ltd. Tenda AC10 V4.0 V16.03.10.13 Router V16.03.10.13 Stack-based Buffer Overflow [Accepted]
GoResolver: A Powerful New Tool for Analyzing Golang Malware
Analyzing malware has become increasingly challenging, especially with the growing popularity of programming languages like Golang. Golang, or Go, has captivated developers for its extensive features but has also proven to be an attractive choice for malware authors, thanks to its embedded libraries, sizable binaries, and potential for obfuscation. To combat these challenges, Volexity has […]
The post GoResolver: A Powerful New Tool for Analyzing Golang Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.