Aggregator

本周，互联网网络安全态势整体评价为良。

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Gladinet and Control Web Panel (CWP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerabilities in question are listed below - CVE-2025-11371 (CVSS score: 7.5) - A vulnerability in files or directories accessible to

大华智慧园区综合管理平台审计

麒麟（Qilin）勒索软件被发现滥用 Windows Subsystem for Linux(WSL)在 Windows 操作系统中执行 Linux 加密器以逃避传统安全工具的检测。麒麟勒索软件最初的名字叫 Agenda，2022 年 9 月改名为麒麟，沿用至今，它是目前最活跃的勒索软件之一。安全公司趋势科技和思科 Talos 报告，麒麟勒索软件组织今年至今攻击了 62 个国家的逾 700 名受害者，2025 年下半年每月新增受害者逾 40。趋势科技的安全研究员报告，麒麟勒索软件组织利用 WinSCP 将 Linux ELF 加密器传输到入侵的设备，然后通过 Splashtop 远程管理软件 (SRManager.exe) 直接在 Windows 系统中启动加密器。该加密器无法直接在 Windows 中运行，必须通过 WSL 子系统。WSL 允许用户直接在 Windows 系统中安装和运行 Linux 发行版，攻击者在获得设备的访问权限之后，会启用或安装 WSL，然后执行加密器，绕过传统的 Windows 安全软件。

根据国家信息安全漏洞库（CNNVD）统计，本周（2025年10月27日至2025年11月2日）安全漏洞情况如下

VulnRisk is an open-source platform for vulnerability risk assessment. It goes beyond basic CVSS scoring by adding context-aware analysis that reduces noise and highlights what matters. The tool is free to use and designed for local development and testing. The platform’s scoring engine cuts up to 90 percent of noise by applying contextual factors such as exploit likelihood and asset importance. Every score comes with a full calculation breakdown, so users can see exactly how … More →

The post VulnRisk: Open-source vulnerability risk assessment platform appeared first on Help Net Security.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Peter Girnus (@gothburz), Demeng Chen, and Brandon Niemczyk of Trend Zero Day Initiative' was reported to the affected vendor on: 2025-11-05, 101 days ago. The vendor is given until 2026-03-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 6.7 AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Hillel Pinto' was reported to the affected vendor on: 2025-11-05, 101 days ago. The vendor is given until 2026-03-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Interrupt Labs' was reported to the affected vendor on: 2025-11-05, 92 days ago. The vendor is given until 2026-03-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.3 AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H severity vulnerability discovered by 'Nitesh Surana (niteshsurana.com) of Trend Research' was reported to the affected vendor on: 2025-11-05, 101 days ago. The vendor is given until 2026-03-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'George Karchemsky (@gkarchemsky)' was reported to the affected vendor on: 2025-11-05, 101 days ago. The vendor is given until 2026-03-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 5.3 AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Vera Mensa of Claroty Research - Team82' was reported to the affected vendor on: 2025-11-05, 65 days ago. The vendor is given until 2026-03-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

近日，公安部发布的2025年第1号《中华人民共和国公安部公共安全行业标准公告》，由公安部信息系统安全标准化技术委员会归口的8项公共安全行业标准正式发布。

GlassWorm背后的同一批威胁者已转向GitHub平台，他们采用相同的Unicode隐写术技巧隐藏恶意负载。

A vulnerability labeled as critical has been found in Riello Netman 204 up to 4.05. This impacts an unknown function. Executing manipulation can lead to sql injection. This vulnerability is handled as CVE-2024-8877. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability was found in Vicidial 2.14-917a. It has been classified as critical. The affected element is an unknown function. Performing manipulation results in os command injection. This vulnerability is reported as CVE-2024-8504. The attacker must have access to the local network to execute the attack. Moreover, an exploit is present.

A vulnerability was found in Vicidial 2.14-917a. It has been declared as critical. The impacted element is an unknown function. Executing manipulation can lead to sql injection. This vulnerability appears as CVE-2024-8503. The attack may be performed from remote. In addition, an exploit is available.

A vulnerability marked as very critical has been reported in Riello Netman 204 up to 4.05. Affected is an unknown function of the component Forgotten Password Handler. The manipulation leads to weak password recovery. This vulnerability is uniquely identified as CVE-2024-8878. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability, which was classified as problematic, has been found in Apple iOS and iPadOS up to 26.0. This impacts an unknown function of the component Keyboard Suggestion Handler. This manipulation causes information disclosure. This vulnerability is tracked as CVE-2025-43452. It is feasible to perform the attack on the physical device. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability was found in Apple visionOS, watchOS, iOS and iPadOS up to 26.0. It has been rated as problematic. Impacted is an unknown function of the component App. Performing manipulation results in information disclosure. This vulnerability is cataloged as CVE-2025-43507. The attack must be initiated from a local position. There is no exploit available. Upgrading the affected component is advised.