Aggregator

众所周知传统的反沙盒思路是调用函数查询系统的一些配置，如时区、内存、CPU等，但是这种行为是被标记为高敏感度行为，如果写入反沙盒会适得其反。所以我们需要一种没有任何威胁的行为去把这事办了，截图是很正常的一个行为，如果我对桌面进行局部截图，检查特征进行匹配，那么就可以完成0行为的反沙盒了。

本文介绍什么是 Agent Hook，以及如何借助 Hook 机制在 AI 编程助手中实现「规范注入 + 事前拦截 + 事后扫描 + 安全审计」的安全闭环，并对公司相关信息做了脱敏处理。

该漏洞出自Xiaomi路由器BE10000 Pro 稳定版 存在授权后远程RCE漏洞

JDK17后的高版本触发toString整合

Nullbyte渗透靶场精讲，涉及信息收集，Hydra表单暴力破解，John md5哈希暴力破解，SQL注入多种利用，suid可执行文件利用提权，值得研究和学习。

基于 Vue + SpringBoot 构建的前后端分离的 Java 安全靶场，正式开源分享，内容丰富、持续更新、欢迎体验。

* 距离上次发文已经过去整整两年了，JavaScript Obfuscator版本都升级到了v5.3.0，让我们来看看它都进行了哪些优化调整和功能升级。JavaScript Obfuscator ToolJavaScript Obfuscator官网目前主推的是付费版 VM Obfuscation（虚拟机字节码混淆） 。不过，我们还是先聚焦于它免费开源部分的混淆工具来分析。首先，快速过一遍v5.3

根据源码了解pwn的常见的框架的编写

本文章主要记录cyberstrikelab的lab17打靶过程

CISA has issued an urgent alert about a critical SQL injection vulnerability in Microsoft Configuration Manager (SCCM). Tracked as CVE-2024-43468, this flaw lets unauthenticated attackers run malicious commands on servers and databases. Added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on February 12, 2026, agencies must patch by March 5, 2026, or face federal mandates. […]

The post CISA Warns of Microsoft Configuration Manager SQL Injection Vulnerability Exploited in Attacks appeared first on Cyber Security News.

某OA系统0Day审计过程

re的进阶的知识，补充常见的理论以及新出现的wasm类型

Winos4控制平台、木马上线环节、木马控制环节、通信模型分析

对mssql&mysql一次简洁且详细的总结

对DeepAudit多智能体漏洞挖掘系统开展黑盒审计，发现默认账户泄露、权限绕过、API未授权访问、压缩炸弹等高危漏洞。

Four Principles Positioning the Nuclear Ecosystem for Long-Term Cyber Resilience
OT weaknesses are compounding across utilities, with 22% of critical infrastructure firms reporting OT incidents and external access driving half of breaches. U.K. NCSC's new guidance outlines connectivity principles that utilities can embed to avoid costly retrofits and compliance issues.

OpenAI Tests Promos, Anthropic Rejects Them Amid Rising Compute Costs
OpenAI has a problem: Most users don't pay for access to ChatGPT. The company is now doing what almost every Silicon Valley company before it has done and turning to digital advertising. Whether ads can bridge OpenAI's well-documented revenue gap without users fleeing is another question.

CIOs Say Stalled Pilots, Vendor Regret and Growing Fatigue Stifle AI Ambition
These may be the halcyon days for enterprise artificial intelligence, where money and ambition are only hindered by imagination as tech vendors race to gain a competitive edge. But CIOs say they're feeling increasing pressure to show ROI - and the reckoning is coming soon.

Deal Targets GenAI Risks, Prompt Injection Attacks and Autonomous Agents
Proofpoint has acquired AI security startup Acuvity to address fast-evolving risks tied to generative AI, prompt injection and autonomous agents. The company says intent-based guardrails and deep AI forensics will help enterprises secure tools such as ChatGPT, Claude and emerging agent frameworks.

VoidCrypt Ransomware Variant Taps RMM Tools, Says Huntress
Management isn't the only advocate for employee monitoring software, according to new research from cybersecurity firm Huntress. RMM tools - simultaneously open to remote connections and with privileged local access - are good for wiggling into corporate networks.