Aggregator
EDR技术革命:从被动防御到智能反制的进化之路
1 year 5 months ago
EDR技术革命:从被动防御到智能反制的进化之路
1 year 5 months ago
How AI-driven identity fraud is causing havoc
1 year 5 months ago
Deepfake fraud, synthetic identities, and AI-powered scams make identity theft harder to detect and prevent – here's how to fight back
EDR技术革命:从被动防御到智能反制的进化之路
1 year 5 months ago
Пресса США в осаде: хакеры остановили работу 427 американских изданий
1 year 5 months ago
Миллионы американцев остались без привычного утреннего чтения газет.
CVE-2025-1226 | ywoa up to 2024.07.03 /oa/setup/setup.jsp improper authorization (IBI7PG)
1 year 5 months ago
A vulnerability was found in ywoa up to 2024.07.03. It has been declared as critical. This vulnerability affects unknown code of the file /oa/setup/setup.jsp. The manipulation leads to improper authorization.
This vulnerability was named CVE-2025-1226. The attack can be initiated remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
8Base勒索软件团伙在普吉岛被端,4名嫌疑人被捕
1 year 5 months ago
国际联合行动重拳出击,8Base勒索软件团伙在泰国普吉岛被一网打尽。
科锐软件逆向52期预科班、正式班开始火爆招生报名啦!!!
1 year 5 months ago
欢迎您加入科锐!和正能量的同学们一同前行!用汗水挥洒青春,用拼搏诠释梦想!
炸弹指令何处来?
1 year 5 months ago
新来的小伙伴Denny在使用JS脚本测试NDB时遇到拦路虎,node进程打印出下面这个信息后就崩溃闪退了。
Threat Actors Exploit ClickFix to Deploy NetSupport RAT in Latest Cyber Attacks
1 year 5 months ago
Threat actors have observed the increasingly common ClickFix technique to deliver a remote access trojan named NetSupport RAT since early January 2025.
NetSupport RAT, typically propagated via bogus websites and fake browser updates, grants attackers full control over the victim's host, allowing them to monitor the device's screen in real-time, control the keyboard and mouse, upload and download
The Hacker News
$16 млн и 1000 жертв: как хакеры Phobos попались в ловушку спецслужб
1 year 5 months ago
Криптовалютные схемы и анонимность не спасли преступников от правосудия.
医疗数据遭窃:Embargo 团伙与多起黑客事件揭秘
1 year 5 months ago
安全客
CVE-2025-26409 | Wattsense Bridge up to 6.4.0 missing protection mechanism for alternate hardware interface
1 year 5 months ago
A vulnerability was found in Wattsense Bridge up to 6.4.0. It has been classified as critical. This affects an unknown part. The manipulation leads to missing protection mechanism for alternate hardware interface.
This vulnerability is uniquely identified as CVE-2025-26409. It is possible to launch the attack on the physical device. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-26410 | Wattsense Bridge up to 6.4.0 hard-coded credentials
1 year 5 months ago
A vulnerability was found in Wattsense Bridge up to 6.4.0 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to hard-coded credentials.
This vulnerability is handled as CVE-2025-26410. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-26411 | Wattsense Bridge prior 6.1.0 Plugin Manager unrestricted upload
1 year 5 months ago
A vulnerability has been found in Wattsense Bridge and classified as critical. Affected by this vulnerability is an unknown functionality of the component Plugin Manager. The manipulation leads to unrestricted upload.
This vulnerability is known as CVE-2025-26411. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
USB Army Knife – A Powerful Red Team Tool for Penetration Testers
1 year 5 months ago
The USB Army Knife is a versatile red-teaming tool for penetration testers that emulates a USB Ethernet adapter for traffic capture, enables custom attack interfaces, and functions as covert storage all in one compact device. This multi-functional firmware combines a variety of attack vectors into a single compact device, complete with a color LCD screen. […]
The post USB Army Knife – A Powerful Red Team Tool for Penetration Testers appeared first on Cyber Security News.
Balaji N
OpenAI Was Not Breached, Say Researchers
1 year 5 months ago
Kela researchers explain that infostealers are to blame for compromised OpenAI logins
Пасьянс на Луне: NASA испытала новый космический компьютер
1 year 5 months ago
Компьютер размером с ладонь выживает там, где другие сдаются.
CVE-2025-0589 | Octopus Deploy Octopus Server up to 2024.3.13070/2024.4.7064 API Endpoints improper authentication
1 year 5 months ago
A vulnerability, which was classified as critical, was found in Octopus Deploy Octopus Server up to 2024.3.13070/2024.4.7064. Affected is an unknown function of the component API Endpoints. The manipulation leads to improper authentication.
This vulnerability is traded as CVE-2025-0589. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com