Aggregator
日本最大的出租车运营商因遭网络攻击被迫关闭系统
22 hours 33 minutes ago
速修复
ServiceNow 严重漏洞导致远程攻击者执行恶意代码
22 hours 33 minutes ago
速修复
日本最大的出租车运营商因遭网络攻击被迫关闭系统
22 hours 33 minutes ago
环境异常 当前环境异常,完成验证后即可继续访问。 去验证
ServiceNow 严重漏洞导致远程攻击者执行恶意代码
22 hours 33 minutes ago
环境异常 当前环境异常,完成验证后即可继续访问。 去验证
US sanctions VPN, malware providers for enabling ransomware attacks
22 hours 34 minutes ago
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned two individuals and one entity for enabling ransomware attacks against U.S. organizations. [...]
Sergiu Gatlan
国产卡万亿参数模型发布背后,美团的 AI 人才决心
22 hours 34 minutes ago
但「和现有业务结合」并非美团做大模型的唯一出发点。
Millions of Microsoft Entra Accounts Targeted in OAuth Client ID Spoofing Campaigns
22 hours 44 minutes ago
Proofpoint details how attackers spoof OAuth client IDs to probe Microsoft Entra accounts, test credentials and bypass common sign-in detections at cloud scale.
Waqas
啃穿 BoneChewerCon:从 jku 伪造到 CRLF 劫持 Bot 的 Flag 外带链
22 hours 44 minutes ago
本文复盘 HackTheBox Challenge「BoneChewerCon」的完整利用链。题目表面是一个 CFP 提交系统,核心突破点却隐藏在 JWT、CSP 与 Nginx 重定向逻辑的组合缺陷中。通过利用 jku URL 解析不一致,攻击者可让服务端拉取自建 JWKS,从而伪造 admin JWT;随后借助 JWT 中 token 字段污染 CSP,放开内联脚本与外连限制;最后利用 Ngi
wmi恶意订阅语句分析
22 hours 45 minutes ago
WMI事件订阅是APT常用的无文件权限维持手段,隐蔽性高、检测困难。本文从攻击原理到应急响应,拆解EventFilter、Consumer与Binding的完整利用链。
对手机远程协助控制apk的行为分析与风险探测
22 hours 47 minutes ago
结合jadx进行二进制逆向分析
社区速递 149 | 派友热议睡眠数据化、观穹 6×24 望远镜与 RG Rotate 旋转屏掌机
22 hours 47 minutes ago
除了首页时间流和侧栏的精选展位,少数派 Matrix 社区还有很多优秀内容因条件所限无法得到有效曝光,因此我们决定重启 Matrix 周报,并在此基础上添加更多社区内容、作者投稿新玩意呈现给大家。上周
The inside job that cost ransomware victims millions
22 hours 48 minutes ago
When a ransomware crew locks up your servers, the outside negotiator you hire has to know eve
从XKCD到AI Agent:当"Nerd Sniping"成为攻击向量
22 hours 53 minutes ago
Nerd Sniping 从 XKCD 漫画的概念演变为 AI Agent 安全攻击向量——攻击者通过构造"看似可解、实则无底"的问题,诱导 Agent 陷入递归思考和无限推理,消耗 token、泄露系统指令、触发工具滥用。防御的核心是让 Agent 学会"思考更少"——给它的思考能力装上刹车。
CVE-2026-31447 | Linux Kernel up to 6.19.10 ext4 s_first_data_block privilege escalation (Nessus ID 313522 / WID-SEC-2026-1252)
22 hours 53 minutes ago
A vulnerability has been found in Linux Kernel up to 6.19.10 and classified as critical. Affected is the function s_first_data_block of the component ext4. The manipulation leads to privilege escalation.
This vulnerability is uniquely identified as CVE-2026-31447. The attack can only be initiated within the local network. No exploit exists.
The affected component should be upgraded.
vuldb.com
CVE-2026-31445 | Linux Kernel up to 6.18.20/6.19.10 damon_call null pointer dereference (Nessus ID 310613 / WID-SEC-2026-1252)
22 hours 53 minutes ago
A vulnerability classified as critical has been found in Linux Kernel up to 6.18.20/6.19.10. Affected by this vulnerability is the function damon_call. Performing a manipulation results in null pointer dereference.
This vulnerability is known as CVE-2026-31445. Access to the local network is required for this attack. No exploit is available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2026-31446 | Linux Kernel up to 6.19.10 mb_groups ext4_unregister_sysfs use after free (Nessus ID 313522 / WID-SEC-2026-1252)
22 hours 53 minutes ago
A vulnerability classified as critical was found in Linux Kernel up to 6.19.10. Affected by this issue is the function ext4_unregister_sysfs of the file /proc/fs/ext4/xx/mb_groups. Executing a manipulation can lead to use after free.
This vulnerability is handled as CVE-2026-31446. The attack can only be done within the local network. There is not any exploit available.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-31444 | Linux Kernel up to 6.6.130/6.12.79/6.18.20/6.19.10 smb_grant_oplock use after free (Nessus ID 310603 / WID-SEC-2026-1252)
22 hours 53 minutes ago
A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.6.130/6.12.79/6.18.20/6.19.10. This impacts the function smb_grant_oplock. Executing a manipulation can lead to use after free.
This vulnerability is handled as CVE-2026-31444. The attack can only be done within the local network. There is not any exploit available.
You should upgrade the affected component.
vuldb.com
CVE-2026-31443 | Linux Kernel up to 6.18.20/6.19.10 dmaengine denial of service (WID-SEC-2026-1252)
22 hours 53 minutes ago
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.18.20/6.19.10. This affects an unknown function of the component dmaengine. Performing a manipulation results in denial of service.
This vulnerability is known as CVE-2026-31443. Access to the local network is required for this attack. No exploit is available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2026-15685 | Ollama 0.7.1 Download Blob downloadBlob array index (WID-SEC-2026-2298)
22 hours 53 minutes ago
A vulnerability identified as problematic has been detected in Ollama 0.7.1. This affects the function downloadBlob of the component Download Blob. Performing a manipulation results in improper validation of array index.
This vulnerability is reported as CVE-2026-15685. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com