Aggregator

跳板技术研究及实操、proxy代理技术研究及实操、模拟构建多层跳板网络

A vulnerability, which was classified as problematic, has been found in cronoh NanoVault up to 1.2.1. This issue affects the function executeJavaScript of the file /main.js of the component xrb URL Handler. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2025-8535. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

Security researchers at Safety have uncovered an AI-generated malicious NPM package dubbed @kodane/patch-manager, engineered as an advanced cryptocurrency wallet drainer. This package, posing as a benign “NPM Registry Cache Manager” for license validation and registry optimization, embeds sophisticated mechanisms to siphon funds from developers’ and users’ crypto wallets. Published under the NPM username “Kodane,” the […]

The post Hackers Leverage AI to Craft Malicious NPM Package That Drains Crypto Wallets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Senate voted 59-35 to place Republican Party insider Sean Cairncross atop the Office of the National Cyber Director, which plays a pivotal role in dictating policy and bolstering U.S. cybersecurity efforts.

ANY.RUN在7月推出新功能和更新，包括与IBM QRadar SOAR的集成以加速响应、免费威胁情报查询计划、Debian ARM虚拟机用于分析物联网恶意软件以及新增163个行为签名、13个YARA规则和2772个Suricata规则，提升威胁可见性和工作效率。

Submit #619142 / VDB-318665

A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c of the component tiff2ps. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2025-8534. It is possible to launch the attack on the local host. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue. One of the maintainers explains, that "[t]his error only occurs if DEFER_STRILE_LOAD (defer-strile-load:BOOL=ON) or TIFFOpen( .. "rD") option is used."

A vulnerability classified as problematic has been found in KubeVirt up to 4.14.x. This affects an unknown part of the component DownwardMetrics. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2024-31420. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Submit #617831 / VDB-318664

Malware isn’t just trying to hide anymore—it’s trying to belong. We’re seeing code that talks like us, logs like us, even documents itself like a helpful teammate. Some threats now look more like developer tools than exploits. Others borrow trust from open-source platforms, or quietly build themselves out of AI-written snippets. It’s not just about being malicious—it’s about being believable.

恶意软件正变得更具社交性和自动化特性，模仿人类行为以增加可信度。本周报告揭示了俄罗斯网络间谍Secret Blizzard通过ISP网络发起攻击、SonicWall SSL VPN零日漏洞被Akira勒索软件利用、UNC2891通过4G Raspberry Pi攻击ATM等事件。同时，多家公司因雇佣Hafnium黑客而关联到多项专利技术。

文章指出用户IP地址因频繁请求被限制访问Reddit，建议等待几分钟后重试。如仍受限，可联系客服并提供账号及特定代码解决问题。

阿里云jtools详解及codeql分析调用链

A vulnerability classified as critical has been found in Dassault Systèmes DELMIA Apriso up to 2025. This affects an unknown part. The manipulation leads to missing authorization. This vulnerability is uniquely identified as CVE-2025-6205. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Dassault Systèmes DELMIA Apriso up to 2025. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to code injection. This vulnerability is handled as CVE-2025-6204. The attack may be launched remotely. There is no exploit available.

July brought powerful new updates to help your SOC catch threats faster, reduce manual effort, and make more confident decisions, right inside your existing workflows. From fresh integrations to better detection coverage, these changes are built to support your team every step of the way.  In this update:  Keep reading to explore what’s new and how […]

The post Release Notes: QRadar SOAR App, TI Lookup Free Access, and 2,900+ New Detection Rules appeared first on ANY.RUN's Cybersecurity Blog.

A vulnerability was found in Arm Bifrost GPU Userspace Driver, Valhall GPU Userspace Driver and 5th Gen GPU Architecture Userspace Driver. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to use after free. This vulnerability is known as CVE-2025-0932. An attack has to be approached locally. There is no exploit available.

这篇文章介绍了作者在Blaugust活动中发现的各类博客，涵盖个人成长、写作习惯、咖啡冲煮、书籍评分等多个主题。推荐的博客风格多样，包括清新设计、工作与生活平衡感悟、阅读体验分享等。

A vulnerability was found in CODESYS Runtime Toolkit, Control for BeagleBone SL, Control for emPC-A, iMX6 SL, Control for IOT2000 SL, Control for Linux ARM SL, Control for Linux SL, Control for PFC100 SL, Control for PFC200 SL, Control for PLCnext SL, Control for Raspberry Pi SL, Control for WAGO Touch Panels 600 SL and Virtual Control SL. It has been classified as critical. Affected is an unknown function. The manipulation leads to incorrect default permissions. This vulnerability is traded as CVE-2025-41658. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.