Aggregator

A vulnerability was found in Discord up to 2026-01-16. It has been classified as problematic. The impacted element is an unknown function of the component WebSocket API Service. The manipulation leads to observable response discrepancy. This vulnerability is referenced as CVE-2026-24332. Remote exploitation of the attack is possible. No exploit is available. This product is a managed service. This means that users are not able to maintain vulnerability countermeasures themselves.

精彩纷呈的2025已经落下帷幕，回顾这一年，吾爱破解论坛佳作频出，新秀崭露头角，老将宝刀不老，一篇篇技术文章鞭辟入里、深入浅出，络绎登场，令人目不暇接。

Поможет ли новая госкомпания победить дефицит процессоров?

2026腾讯犀牛鸟精英人才计划开放申请中，2026年2月26日申请截止。

A dangerous Android malware campaign has emerged, targeting users through mobile games and pirated streaming app modifications. The threat, known as Android.Phantom, employs machine learning technology to perform automated ad-click fraud on infected smartphones. Over 155,000 downloads of compromised games have been recorded, with additional infections spreading through modified versions of Spotify, YouTube, Netflix, and […]

The post New AI-Android Malware that Auto Clicks Ads from the Infected Devices appeared first on Cyber Security News.

python日志库远程代码执行漏洞(CVE-2025-27607)分析

Самый тяжелый «кот Шрёдингера» в истории.

EaseUS announced EaseUS Disk Copy 7.0.0, representing a shift in how disk cloning and backup workflows are handled on Windows. The update introduces disk imaging–based backup and restore capabilities, allowing users to create disk image and restore them to physical storage without being constrained by simultaneous hardware connections. Developed based on extensive user feedback and EaseUS’s long-term experience in data management technologies, the release reflects a strategic shift toward more flexible and scalable system protection … More →

The post EaseUS Disk Copy 7.0.0 enables backup, restore, and migration without multiple drives connected appeared first on Help Net Security.

伊朗的互联网封锁已长达 14 天。美国网络监测公司 Kentik 根据其收集的数据分析了伊朗的互联网封锁。除了互联网封锁，国际语音通信也被封锁，国内通信服务也长时间中断，对伊朗 9000 万国民而言这是历史上最严重的通信封锁事件。此次大规模封锁的第一个征兆是该国国有电信公司 TIC 的自治系统 AS49666 于 1 月 8 日 11:42 UTC 撤回其 IPv6 BGP 路由，伊朗的 IPv6 流量不到其总流量的不到 1%，对普通用户基本没影响，但它预示之后几小时发生的事。当地时间晚上 7 点（UTC 16:30）伊朗的流量开始暴降，UTC 18:45 伊朗进出流量降至几乎为零。伊朗的 IPv4 路由仍然在线，政府启用了白名单制度，只允许经过批准的用户或服务访问互联网，还有非常少的流量进出伊朗，1 月 9 日 AS6736 还为伊朗大学短暂恢复了数小时联网服务。

Most SOC teams are overloaded with routine work. Tier 1 & 2 analysts spend too much time validating alerts, moving samples between tools, and chasing missing context. When integrations are weak, investigations slow down, MTTR grows, and SLAs suffer delays. That directly increases operational risk and cost for the business.   ANY.RUN has already helped teams close part of this […]

The post ANY.RUN Sandbox & MISP Integration: Confirm Alerts Faster, Stop Incidents Early  appeared first on ANY.RUN's Cybersecurity Blog.

n8n 在处理 Webhook 请求时存在“Content-Type 混淆”逻辑缺陷。攻击者可以通过发送特制的 JSON 请求（而非预期的 Multipart 请求）欺骗解析器，从而控制请求中的文件路径。

致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。

新的一年既带来了全新的挑战，这些是 CISO 在 2026 年最值得推进的创新型安全项目，值得纳入年度安全规划清单。

A vulnerability was found in Tenda AX1803 1.0.0.1 and classified as critical. The affected element is the function fromGetWifiGuestBasic of the file /goform/WifiGuestSet. Executing a manipulation of the argument guestWrlPwd/guestEn/guestSsid/hideSsid/guestSecurity can lead to stack-based buffer overflow. The identification of this vulnerability is CVE-2026-1329. The attack may be launched remotely. Furthermore, there is an exploit available.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw impacting Cisco Unified Communications products to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco Unified Communications products vulnerability, tracked as CVE-2026-20045 (CVSS score of 8.2), to its Known Exploited Vulnerabilities (KEV) catalog. This week, Cisco patched a critical zero-day […]

Submit #736067 / VDB-342305

Submit #736066 / VDB-342305

Submit #736065 / VDB-342305

Submit #736064 / VDB-342305