Aggregator

China-linked threat actor Winnti targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024 as part of a campaign dubbed RevivalStone. Researchers from cybersecurity firm LAC uncovered a new cyberespionage campaign, tracked as RevivalStone, carried out by the China-linked APT group Winnti in March 2024. Threat actors targeted Japanese companies in the manufacturing, […]

A Threat Actor is Selling Domain Admin Access to an Unidentified U.S.-Based Company

The rise of customized large language models (LLMs) has revolutionized artificial intelligence applications, enabling businesses and individuals to leverage advanced reasoning capabilities for complex tasks. However, this rapid adoption has also exposed critical vulnerabilities. A groundbreaking study by Zhen Guo and Reza Tourani introduces DarkMind, a novel backdoor attack targeting the reasoning processes of customized […]

The post DarkMind: A Novel Backdoor Attack Exploiting Customized LLMs’ Reasoning Capabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated cyber espionage campaign leveraging the EagerBee malware has been targeting government agencies and Internet Service Providers (ISPs) across the Middle East. This advanced backdoor malware, attributed to the Chinese-linked threat group CoughingDown, demonstrates cutting-edge stealth capabilities and persistence mechanisms, posing a significant threat to critical infrastructure in the region. Advanced Capabilities of EagerBee […]

The post EagerBee Malware Targets Government Agencies & ISPs with Stealthy Backdoor Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Synway SMG Gateway Management Software up to 20250204. It has been rated as critical. This issue affects some unknown processing of the file 9-12ping.php. The manipulation of the argument retry leads to command injection. The identification of this vulnerability is CVE-2025-1448. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. It is recommended to apply restrictive firewalling. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as critical, has been found in PRTG Network Monitor up to 18.2.40. This issue affects some unknown processing of the file /public/login.htm. The manipulation as part of HTTP Request leads to improper access controls. The identification of this vulnerability is CVE-2018-19410. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A new report from Gen highlights a sharp rise in online threats, capping off a record-breaking 2024. Between October and December alone, 2.55 billion cyber threats were blocked – an astonishing rate of 321 per second. The risk of encountering a threat climbed to 27.7% in Q4, with social engineering attacks accounting for 86% of all blocked threats. This underscores the increasingly sophisticated psychological tactics cybercriminals are using to deceive victims. “We’re continuing to see … More →

The post Cybercriminals shift focus to social media as attacks reach historic highs appeared first on Help Net Security.

Authors/Presenters: Tim Chase

Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.

Permalink

The post DEF CON 32 – Manufacturing Lessons Learned, Lessons Taught appeared first on Security Boulevard.

A vulnerability was found in kasuganosoras Pigeon 1.0.177. It has been declared as critical. This vulnerability affects unknown code of the file /pigeon/imgproxy/index.php. The manipulation of the argument url leads to server-side request forgery. This vulnerability was named CVE-2025-1447. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

SecWiki周刊（第572期) by ourren

DeepSeek 本地部署指南 by ourren

FlowPic：一种通用的加密流量分类与应用识别表示方法 by ourren

AI-Infra-Guard: AI基础设施安全评估系统 by ourren

更多最新文章，请访问SecWiki

Submit #494788 / VDB-296135

Submit #501978 / VDB-296134

“We moeten nu in actie komen. Europa heeft nog maar 1 kans om dit goed te doen.” Deze waarschuwing kwam gisteravond van minister van Defensie Ruben Brekelmans. In Maastricht benadrukte hij tijdens zijn Europalezing dat het continent niet kan rekenen op bescherming van de Verenigde Staten. Europa moet die volgens hem verdienen. “En daarvoor hebben we niet veel tijd.”

在《Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World》一书出版近十年之后，知名加密技术和隐私专家 Bruce Schneier 表示一切照旧，没有发生改变。NSA 及其世界各地的同行仍然竭尽所能的大规模收集数据。云服务、物联网设备和智能手机的普及使得个人几乎不可能保护自己的隐私。我们越来越多的数据储存在云端，身边有越来越多的物联网设备，以及总是随身携带智能手机，走到哪里，隐私就跟着丢到哪里。虽然欧洲颁发了 GDPR(General Data Protection Regulation)等法律对个人数据收集进行限制，但仍然未能解决监控资本主义作为一种商业模式这一核心问题。而 AI 的兴起可能会破坏端对端加密。因为 AI 助手需要云端算力处理数据，个人可能不得不向公司交出更多数据。Schneier  对未来仍然保持乐观，相信大规模监控最终会被视为不道德的，就像今天的血汗工厂。但这一转变可能需要 50 年或更长时间。

Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) and a denial-of-service (DoS) attack, respectively, under certain conditions. The vulnerabilities, detailed by the Qualys Threat Research Unit (TRU), are listed below - CVE-2025-26465 (CVSS score: 6.8) - The