Aggregator
Black Basta Leaks Highlight Phishing, Google Takeover Risks
6 minutes 50 seconds ago
Defunct Ransomware Group's Diaspora Includes Hackers With Focus on Microsoft Teams
Based on intelligence gleaned from the leak of Black Basta ransomware messages, researchers are warning organizations to beware phishing attacks launched via Microsoft partner domains and via Teams, as well as the targeting of personal Google accounts accessed via corporate devices.
2 Software Firms Report Major Health Data Theft Hacks
6 minutes 50 seconds ago
Ocuco and Episource Breaches Affect Health Sector Clients, Patients
An Ireland-based provider of eye care practice software and a California-based medical coding services firm have reported separate hacking incidents to U.S. and state regulators that have likely affected dozens of their clients and hundreds of thousands of people.
Israeli Strikes Raise Fears of Cyberattacks and Retaliation
6 minutes 50 seconds ago
Analysts Warn US Infrastructure May Be Next as Iran Plans Missile Strike Response
Israel’s strike on Iranian military and nuclear targets has triggered fears of retaliatory cyberattacks, with analysts warning that Tehran may escalate disruptions against U.S. and Israeli critical infrastructure through proxy campaigns, brute-force attacks or coordinated DDoS strikes.
Guardz Snags $56M to Grow AI Cybersecurity Platform for MSPs
6 minutes 50 seconds ago
Startup Boosts AI-Driven Detection, MSP Channel Outreach and Hiring With Series B
Guardz has secured $56 million to deepen AI-powered threat detection and enhance automation for MSPs. The Series B funding will support platform engineering, channel marketing and operational scaling as Miami-based Guardz targets a simplified and consolidated cybersecurity future.
CVE-2025-21420
49 minutes 51 seconds ago
Currently trending CVE - Hype Score: 16 - Windows Disk Cleanup Tool Elevation of Privilege Vulnerability
CVE-2024-4367
49 minutes 51 seconds ago
Currently trending CVE - Hype Score: 15 - A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
CVE-2025-24201
49 minutes 51 seconds ago
Currently trending CVE - Hype Score: 28 - An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4, iPadOS 17.7.6, iOS 16.7.11 and iPadOS 16.7.11, iOS 15.8.4 and ...
CVE-2024-57727
49 minutes 51 seconds ago
Currently trending CVE - Hype Score: 27 - SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files include server configuration ...
CVE-2025-32711
49 minutes 51 seconds ago
Currently trending CVE - Hype Score: 37 - AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2025-33070
49 minutes 51 seconds ago
Currently trending CVE - Hype Score: 31 - Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-32717
49 minutes 51 seconds ago
Currently trending CVE - Hype Score: 15 - Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-33073
49 minutes 51 seconds ago
Currently trending CVE - Hype Score: 44 - Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.
CVE-2025-33053
49 minutes 51 seconds ago
Currently trending CVE - Hype Score: 25 - External control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network.
CVE-2025-37899
49 minutes 51 seconds ago
Currently trending CVE - Hype Score: 2 - In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix use-after-free in session logoff
The sess->user object can currently be in use by another thread, for
example if another connection has sent a session setup request to
bind to the session being ...
Linux Privilege Escalation, From Basics to Advanced
1 hour 5 minutes ago
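This article gives a systematic introduction to Linux privilege escalation techniques, which are essential in penetration testing and internal-network attack and defense. It first explains the basic principles of permission separation, including core concepts such as users and groups, file permissions, and special permissions (SUID, SGID, SBIT); it then uses automated tools and manual commands to describe the key steps of the information-gathering phase, such as obtaining the system version, user information, plaintext passwords and SSH keys. The article focuses on several common privilege escalation methods, including kernel vulnerability exploitation, /etc/passwd forgery, Docker container escape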
Practical Analysis of Large Language Model Hallucination and a Comparison of Several Mitigation Methods
1 hour 5 minutes ago
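Large language model hallucination is now considerably better than it was two years ago, but for overly complex scenarios, or for data the model was not trained on, answers may still be wrong or inaccurate. This post therefore uses a few simple examples to show what large language model hallucination actually looks like, how to mitigate it, and how the mitigations compare, so as to understand where large language model hallucination still occurs.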
URL Validation Bypass in Practice: Static DNS Resolution Tricks and a CAS Ticket Hijacking Case
1 hour 5 minutes ago
nip.io static DNS resolution technique; URL validation bypass; CAS single sign-on ticket hijacking
The Principle and Exploitation of ret2gets
1 hour 5 minutes ago
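Foreword: ret2gets is an exploitation technique that takes advantage of a glibc optimization (with newer compiler versions); its core is using the gets function together with printf/puts to leak a libc address. The technique applies when: a stack overflow vulnerability is present; the program contains the gets function; there is no gadget that directly controls the rdi register (such as pop rdi; ret). Technique reference: ret2gets | pwn-notes. Demo program: ret2gets_d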
JNDI Injection of Memory Shells and Bypassing Newer Tomcat Versions
1 hour 5 minutes ago
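I have recently been researching memory shells, but following the publicly available material and articles online as well as the common open-source JNDIExploit project, I could not reproduce the result in vulhub's fastjson 1.2.24 lab environment. After digging into the principles and flow of JNDI memory shell injection, I solved the problem of injection failing on the newer Tomcat 8.5 and Tomcat 9 versions.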