Aggregator

不会逆向？没关系！有了 IDA Pro + MCP + Cursor 的组合，逆向像刷短视频一样简单！本文手把手带你从环境配置到实战上手，只需会点鼠标、贴上提示词，AI 帮你分析、重命名、出报告、甚至直接爆出 flag！全程无脑点点点，CTF题目轻松拿下。 你只负责看结果，AI负责逆向一切。 欢迎体验“逆向小白的一键逆袭”，再不会也能一战成神！

检测业务是否受到此漏洞影响，请联系长亭应急服务团队！

ArmorCode launched AI Code Insights, a new set of capabilities that leverages ArmorCode’s agentic AI, Anya, to provide enterprises with contextual understanding of their code repositories, empowering security and development teams to secure what matters most. AI Code Insights directly addresses the critical challenge of “black box” code repositories, transforming them into a source of actionable intelligence. Developers are now leveraging AI to push hundreds of commits daily, often leaving security teams struggling to identify … More →

The post ArmorCode provides enterprises with contextual understanding of their code repositories appeared first on Help Net Security.

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds RoundCube Webmail and Erlang Erlang/OTP SSH server flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added RoundCube Webmail and Erlang Erlang/OTP SSH server flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: The CVE-2025-32433 flaw is a […]

Не понравится — не страшно. Нацмессенджер всё равно будет.

Hackers continue to exploit the ConnectWise ScreenConnect remote management and monitoring (RMM) tool to deploy malicious payloads, with a focus on financial organizations. An independent researcher first reported a potential critical vulnerability in ScreenConnect versions 23.9.7 and prior through the ConnectWise Trust Center’s vulnerability disclosure program. Malicious Campaigns Targeting Financial Organizations This flaw has since […]

The post Hackers Persist in Using ConnectWise ScreenConnect Tool to Distribute Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

包括阿里巴巴、字节跳动和腾讯在内的中国主要 AI 公司在高考期间短暂禁用了部分功能以防止考试作弊。阿里巴巴的 Qwen 和字节跳动的豆宝等热门 AI 应用暂停了图片识别功能，阻止其回答试卷问题；而腾讯的元宝和北京月之暗面科技有限公司（Moonshot AI）的 Kimi 则在考试期间完全停用了照片识别服务。从 6 月 7 日到 10 日，逾 1330 万中国考生参加了高考，他们已被禁止在考试期间使用手机和笔记本电脑等设备，禁用部分 AI 聊天机器人功能只是为防止考试作弊增加额外安全保障。热门 AI 聊天机器人 DeepSeek 也在特定时段停止服务。

Red Canary was experimenting with generative AI B.C. (before ChatGPT). Our new next-gen AI agents are the capstone of a years-long journey.

OpenAI is working to fix an ongoing outage impacting ChatGPT users worldwide and preventing them from accessing the chatbot on the web or via mobile and desktop apps. [...]

SAP has released nineteen security patches in its June Patch Day, addressing critical vulnerabilities that could allow attackers to bypass authorization controls and escalate privileges across multiple enterprise systems. The update includes two HotNews Notes and seven High Priority Notes, with immediate action recommended for organizations running affected SAP environments. The most severe vulnerability, tracked […]

The post Severe SAP NetWeaver Vulnerability Allows Attackers to Bypass Authorization Checks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

微软遵守特朗普的行政令封禁了国际刑事法院（ICC）首席检察官 Karim Khan 的电邮账号，严重影响了法院的日常工作。开源商业联盟 OSBA 认为微软的行为证明欧洲需要数字主权，不能过于依赖美国科技巨头。多年来，欧洲机构一直依赖硅谷科技巨头对安全和数据保护的虚假承诺。微软、亚马逊和 Google 等云服务提供商一再保证，他们尊重欧洲法律，在欧盟境内建立了数据中心，并承诺遵守 GDPR。然而微软事件表明，不管服务器是在法兰克福、罗马还是巴黎，如果供应商受外国法律管辖，那么数据也会受外国法律管辖。如果远在数千公里之外的政治决策会对欧洲数字通信和欧洲数据产生直接而严重的影响，这就构成了巨大的风险。想象一下，如果欧洲将国家电网的控制权交给受非欧洲法律约束的外国公司？现在是时候摆脱对美国技术的依赖了。