Aggregator

A vulnerability was found in TurboSoft TurboFTP Server 1.30.823/1.30.826 and classified as critical. Affected by this issue is some unknown functionality of the component PORT Command Handler. The manipulation leads to buffer overflow. This vulnerability is handled as CVE-2012-10035. The attack may be launched remotely. Furthermore, there is an exploit available.

当前环境出现异常，请完成验证后方可继续访问。

银狐黑产组织最新攻击样本与威胁情报

A trio of startup founders — GreyNoise's Andrew Morris, Thinkst Canary's Haroon Meer, and runZero's HD Moore — agree that raising venture capital funding can be beneficial, but a company's success depends on how well the product fits customer needs.

该页面显示值班人员Jan Kopriva、威胁级别为绿色，并提供应用安全课程（在拉斯维加斯举办）及ISC Stormcast播客链接。

Tigo Energyが提供するCloud Connect Advancedには、複数の脆弱性が存在します。

英伟达官方博客发文称，“NVIDIA 芯片不存在后门、终止开关和监控软件”。文章称，“为了降低误用风险，一些专家和政策制定者提出需要在硬件中设置‘终止开关’或内置控件，以便在用户不知情和未经同意的情况下远程禁用 GPU。有人怀疑这种情况已经存在。NVIDIA GPU 不存在也不应该设置终止开关和后门。30 多年前，NVIDIA 开始设计处理器。经验告诉我们，将后门和终止开关嵌入到芯片有可能为黑客和敌对势力提供可乘之机，这将会破坏全球数字基础设施和业界对领先技术的信任。很多国家和地区的既定法律对此也有明确规定，要求公司修正漏洞，而不是制造漏洞。这一原则仍然有效。不存在所谓“好”的秘密后门，只有必须被彻底消除的危险漏洞。”

A vulnerability was found in Intertwingly Planet 2.0. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2009-2937. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Plume CMS 1.2.3 and classified as critical. This issue affects some unknown processing. The manipulation of the argument ID leads to sql injection. The identification of this vulnerability is CVE-2009-3418. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Piwigo up to 2.0.5. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2009-4039. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

文章解释了错误代码521的原因及解决方法，指出该错误通常发生在使用Cloudflare服务时，服务器无法连接到Cloudflare的边缘节点。建议检查网络连接、服务器状态或联系Cloudflare支持以解决问题。

HackerNews 编译，转载请注明出处： 最新报告揭露，今夏为期12天的对以冲突期间，亲伊朗黑客组织的网络威胁活动骤然激增。SecurityScorecard称其分析了25万条Telegram消息，揭示出涵盖情报收集、宣传攻势及针对关键基础设施与公共实体的直接攻击等多重活动。这些行动源自国家支持的黑客、代理人组织及支持伊朗战争目标的“意识形态同盟黑客活动分子”等多元群体。 主要活动包括： 宣传渗透：至少178个Telegram群组散布亲伊朗宣传，将“意识形态驱动讯息与协同网络攻击结合”，典型频道含“伊斯兰黑客军团”“抵抗阵线”等。 混合攻击：巴勒斯坦关联组织Cyber Islamic Resistance、Cyber Fattah，阿富汗Fatimion团队及伊斯兰黑客军团等团体，以“地方不满叙事”为名发起DDoS攻击、钓鱼行动及数据转储。 数据窃取：国家背景的Cyber Fattah通过扫描网络漏洞入侵沙特运动会系统，泄露含数千条个人身份信息（PII）的记录。 破坏行动：Fatimion团队实施网站篡改与DDoS攻击；Cyber Islamic Resistance进行服务中断、宣传广播及“士气动员”。 漏洞交易：突尼斯Maskers网络部队等牟利组织售卖零日漏洞并实施数据窃取。 国家级APT攻击同步升级 黑客组织Tortoiseshell（又名Cuboid Sandstorm）在冲突爆发数日内注册nowsupportisrael[.]com等煽动性域名，利用虚拟服务器托管钓鱼页面。该组织通过仿造支持以色列的请愿表单，诱骗希伯来语用户提交信息，并向筛选目标投放RemCosRAT远控木马。 报告指出，这些威胁行为体与伊朗伊斯兰革命卫队（IRGC）的关联程度及技术能力差异显著。“区分国家支持组织与机会主义团体对厘清日益复杂的网空冲突至关重要。”建议企业加强员工对钓鱼攻击的警觉性，并要求安全供应商评估自身是否可能成为攻击目标。       消息来源：infosecurity-magazine； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability was found in Ultimate Member Plugin up to 2.6.6 on WordPress and classified as critical. This issue affects some unknown processing of the component User Meta Update Handler. The manipulation leads to improper privilege management. The identification of this vulnerability is CVE-2023-3460. The attack can only be initiated within the local network. Furthermore, there is an exploit available.

2025年8月28日，CSOP 上海站议程公开！

当前环境出现异常状态，需完成验证后才能继续访问相关内容或服务。

Cyber-criminals have gradually shifted their focus toward the high-value infrastructure that trains, tunes and serves modern artificial-intelligence models. Over the past six months, incident-response teams have documented a new malware family, tentatively dubbed “ShadowInit,” that targets GPU clusters, model-serving gateways and orchestration pipelines inside large language model (LLM) deployments. Unlike earlier crypto-mining campaigns, ShadowInit seeks […]

The post Cyber Attacks Against AI Infrastructure Are in The Rise With Key Vulnerabilities Uncovered appeared first on Cyber Security News.

文章描述了云flare错误代码521的原因及其解决方法。

HackerNews 编译，转载请注明出处： 谷歌发布安全更新修复安卓系统多项安全漏洞，包含两个已被实际利用的高通漏洞。漏洞涉及CVE-2025-21479（CVSS评分8.6）与CVE-2025-27038（CVSS评分7.5），二者与CVE-2025-21480（CVSS评分8.6）均由芯片制造商于2025年6月披露。 CVE-2025-21479属于图形组件授权错误漏洞，可能导致因GPU微代码中未经授权的命令执行而引发内存损坏。CVE-2025-27038则是图形组件的释放后重用漏洞，在Chrome浏览器使用Adreno GPU驱动渲染图形时可能造成内存损坏。 目前尚无漏洞实际利用细节，但高通曾声明“谷歌威胁分析小组迹象表明，CVE-2025-21479、CVE-2025-21480、CVE-2025-27038可能已被有限且针对性利用”。鉴于Variston、Cy4Gate等商业间谍软件供应商曾利用类似高通芯片漏洞，推测上述漏洞可能已被同类场景滥用。 这三项漏洞已被美国网络安全和基础设施安全局（CISA）列入已知被利用漏洞目录，要求联邦机构在2025年6月24日前完成更新。 谷歌2025年8月补丁还修复了安卓框架中两个高危权限提升漏洞（CVE-2025-22441与CVE-2025-48533）以及系统组件关键漏洞（CVE-2025-48530）。后者在与其他漏洞串联时，无需额外权限或用户交互即可实现远程代码执行。 谷歌提供2025-08-01和2025-08-05两套补丁级别，后者额外包含Arm与高通闭源及第三方组件修复方案。建议安卓用户及时安装更新以防范潜在威胁。       消息来源：thehackernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

A sophisticated cybercriminal campaign dubbed “ClickTok” has emerged as one of the most extensive threats targeting TikTok Shop users worldwide, with researchers identifying over 10,000 malicious domains designed to steal user credentials and deploy advanced spyware. The campaign represents a significant escalation in e-commerce-focused cyberattacks, combining traditional phishing techniques with cutting-edge malware distribution to exploit […]

The post 10,000+ Malicious TikTok Shop Domains Attacking Users to Steal Logins and Deploy Malware appeared first on Cyber Security News.