Aggregator

WinRAR之CVE-2025-6218漏洞复现与分析

吾爱破解论坛
3 months ago
在刷B站时看到有人在分享这个漏洞的原因,稍微琢磨了一下,脑袋告诉我:懂了,原来如此。但up主最后只给出了x64dbg中判断字符是否是空格的地方,没有给出定位过程,所以当时就来了兴趣,想自己分析分析。

Buterat Backdoor Campaigns Targeting Enterprise Endpoint Control

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
3 months ago

Backdoor malware is a covert type of malicious software designed to bypass standard authentication mechanisms and provide persistent, unauthorized access to compromised systems. Unlike conventional malware that prioritizes immediate damage or data theft, backdoors focus on stealth and longevity, enabling attackers to control infected endpoints remotely, deploy additional payloads, exfiltrate sensitive information, and move laterally […]

The post Buterat Backdoor Campaigns Targeting Enterprise Endpoint Control appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

New Malware Using Azure Functions For Hosting Command And Control Infrastructure

Cyber Security News
3 months ago

A new, sophisticated malware campaign has been uncovered that leverages Microsoft’s Azure Functions for its command-and-control (C2) infrastructure, a novel technique that complicates detection and takedown efforts. According to the Dmpdump report, the malware, first identified from a file uploaded to VirusTotal on August 28, 2025, from Malaysia, employs a multi-stage infection process involving DLL […]

The post New Malware Using Azure Functions For Hosting Command And Control Infrastructure appeared first on Cyber Security News.

Guru Baran

CVE-2025-39737 | Linux Kernel up to 6.17-rc1 mm __kmemleak_do_cleanup iteration (WID-SEC-2025-2040)

Vuldb Updates
3 months ago
A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.17-rc1. The impacted element is the function __kmemleak_do_cleanup of the component mm. Such manipulation leads to excessive iteration. This vulnerability is referenced as CVE-2025-39737. The attack needs to be initiated within the local network. No exploit is available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2024-12604 | Tapandsign Tap&Sign App prior 1.025 Environment Variable exposure of sensitive information through environmental variables

Vuldb Updates
3 months ago
A vulnerability categorized as critical has been discovered in Tapandsign Tap&Sign App. This affects an unknown function of the component Environment Variable Handler. The manipulation results in exposure of sensitive information through environmental variables. This vulnerability is identified as CVE-2024-12604. The attack can be executed remotely. There is not any exploit available. This product is available as a managed service. Users are not able to maintain vulnerability countermeasures themselves. It is advisable to upgrade the affected component.
vuldb.com

Managed ad