Aggregator

本文系统介绍了Struts2框架的架构特点及其安全风险，重点分析了OGNL（Object-Graph Navigation Language）表达式在漏洞利用中的关键作用。由于OGNL具备强大的对象访问与方法调用能力，若开发者未对用户输入进行严格过滤，攻击者即可借此执行恶意代码，从而造成远程代码执行（RCE）等严重后果。文章详细讲解了OGNL的语法机制、上下文实现与在Struts2中的应用方式，并

HackerNews 编译，转载请注明出处： 勒索软件组织Anubis声称其意外获得了巴黎迪士尼乐园64GB数据。6月20日，该组织在其数据泄露网站上将巴黎迪士尼乐园列为受害者，宣称掌握的数据构成“迪士尼乐园历史上最大的数据泄露事件”。 截至本文发布时，Anubis网站倒计时显示数据将于约三日后公开。通常情况下，此类倒计时代表受害企业支付赎金以阻止数据公开的最后期限，但本次事件中Anubis是否向迪士尼提出勒索要求、是否直接入侵巴黎迪士尼系统均尚未明确。 Anubis在声明中表示：“在迪士尼合作公司数据泄露过程中，涉及巴黎迪士尼乐园建造与翻新工程的39,000份文件落入了我们手中。”经Cybernews核查，该组织目前公开的数据样本主要为巴黎迪士尼园区内不同景点的图片、设计图纸及工程计划，暂未发现明显敏感信息。 该组织声称：“虽然本社编辑团队无法从工程角度评估这些内容的价值，但确信迪士尼的竞争对手会对其产生兴趣。”Cybernews编辑部特别指出，Anubis自称拥有“编辑团队”的说法明显荒谬。 Cybernews已联系迪士尼官方置评，尚未获得回应。Anubis在声明中还讽刺性地指出：“巴黎迪士尼一贯严格监控媒体泄密内容并全网清除相关照片，这种行为无意中引发了‘芭芭拉·史翠珊效应’。本次泄露的4000余份照片与视频将首次揭露乐园幕后工作场景。” 背景补充：Anubis勒索组织运作特征 Anubis是新兴勒索组织，其官方X账号显示自2024年12月开始活跃。该组织融合传统勒索手段与初创企业级盈利模式，通过多重联盟计划拓展业务：既提供勒索软件即服务（RaaS），也经营访问权限经纪业务，允许第三方通过其攻击行动获利。其攻击工具支持双重勒索策略——不仅加密受害者文件，同时以公开数据为要挟索要赎金。       消息来源： cybernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

在最新版本中的Typora中，解包app.asar会发现软件使用了node vm将js编译成了jsc，在之前的版本中，分析atom.js可以得知Typora的激活实际上就是一个简单RSA公钥解密，只要patch了公钥就可以编写注册机进行激活

在红队攻防权限维持中，流量问题是一个无法被忽视的问题，作为红队的你肯定有过被白名单拦截，IP被抓到溯源的痛苦，本文通过链式寄生C2技术绕过流量检测达到防溯源，防白名单的效果，在EDR对抗中颇有成效。

​ 近日在研究异构路由器漏洞时，笔者使用的IDA出现了反编译异构路由器卡死的问题，和身边是师傅们交流后发现，这种问题不在少数，这种工具类的问题严重影响了正常的工作，故进行研究。 ​ 出现问题的直接原因在于此前由于IDA 8.3及以后的hexrays并未泄露，无法使用过去IDA 7.7的插件进行反编译，一通操作下通过ida_dll_shim等项目对7.7的hexrays进行了移植。移植完

A vulnerability was found in Microsoft Internet Explorer up to 8 and classified as critical. This issue affects some unknown processing. The manipulation leads to code injection. The identification of this vulnerability is CVE-2013-3164. The attack needs to be initiated within the local network. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A severe privilege escalation vulnerability has been discovered in Notepad++ version 8.8.1, potentially exposing millions of users worldwide to complete system compromise. The flaw, designated CVE-2025-49144, allows attackers to gain SYSTEM-level privileges through a technique known as binary planting, with a proof-of-concept demonstration now publicly available. The vulnerability affects the Notepad++ v8.8.1 installer released on […]

The post Notepad++ Vulnerability Let Attacker Gain Complete System Control – PoC Released appeared first on Cyber Security News.

HackerNews 编译，转载请注明出处： 英国政府每年约有价值130万英镑（170万美元）的笔记本电脑、手机等设备遭窃或遗失，对国家安全构成系统性风险。《卫报》披露的信息公开数据显示，去年政府各部门共丢失超2000台设备，其中包含协调政府运作的内阁办公厅。 受影响的机构还包括国防部、内政部、财政部及英格兰银行。具体数据显示：内阁办公厅在2024年遗失66台笔记本电脑和124部手机；国防部报告丢失103台笔记本和387部手机；主管警务的内政部去年有147台设备失踪；而负责网络安全的科学、创新与技术部，在截至2025年5月的一年内遗落83部手机和18台笔记本。 网络安全专家指出，这些数字“惊人地庞大”且构成“重大国家安全威胁”，尤其当设备失窃时处于解锁状态。不过政府声称加密机制可阻止恶意访问——国防部强调加密“能保障数据安全并阻断对国防网络的入侵”；英格兰银行表示已部署“适当防护”；政府发言人则重申“所有笔记本电脑和手机均强制加密，确保遗失不会导致安全漏洞。” 官方声明称，所有遗失事件均按规程调查。       消息来源： cybernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability, which was classified as critical, has been found in Mitel MiCollab and MiVoice Business Solution Virtual Instance. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to command injection. This vulnerability is handled as CVE-2024-41714. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Keith Cullen FreeCoAP. It has been declared as problematic. This vulnerability affects the function server_handle_regular of the file test_coap_server.c of the component Packet Handler. The manipulation leads to denial of service. This vulnerability was named CVE-2024-31029. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as critical was found in Keith Cullen FreeCoAP. Affected by this vulnerability is an unknown functionality of the file coap_msg.c of the component Packet Handler. The manipulation leads to stack-based buffer overflow. This vulnerability is known as CVE-2024-40494. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in FlowiseAI Flowise 2.2.6. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/v1/attachments. The manipulation leads to unrestricted upload. This vulnerability is handled as CVE-2025-26319. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Jenkins. It has been classified as problematic. This affects an unknown part of the file config.xml of the component REST API/CLI. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2025-27622. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Jenkins. It has been declared as problematic. This vulnerability affects unknown code of the component REST API/CLI. The manipulation leads to information disclosure. This vulnerability was named CVE-2025-27623. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Jenkins. It has been rated as problematic. This issue affects some unknown processing of the component Sidepanel Widget Handler. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2025-27624. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in LabRedesCefetRJ WeGIA up to 3.4.1. It has been rated as critical. This issue affects some unknown processing of the file /WeGIA/controle/control.php. The manipulation of the argument ID leads to sql injection. The identification of this vulnerability is CVE-2025-52474. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in OceanWP Plugin up to 4.0.9 on WordPress and classified as problematic. This vulnerability affects unknown code of the component HTML Tag Handler. The manipulation of the argument Select leads to HTML injection. This vulnerability was named CVE-2025-5524. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in GiveWP Plugin up to 4.3.0 on WordPress and classified as critical. This issue affects the function permissionsCheck. The manipulation leads to missing authorization. The identification of this vulnerability is CVE-2025-4571. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Football Pool Plugin up to 2.12.4 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-5490. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as critical was found in mysiteforme 1.0/2.2.1. This vulnerability affects unknown code. The manipulation leads to sql injection. This vulnerability was named CVE-2025-26136. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.