Aggregator

A vulnerability was found in Apple iOS and iPadOS up to 15.3.1. It has been classified as critical. Impacted is an unknown function of the component libarchive. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2021-36976. It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability was found in Apple watchOS up to 8.4.2. It has been declared as critical. Affected by this issue is some unknown functionality of the component libarchive. Executing manipulation can lead to memory corruption. This vulnerability appears as CVE-2021-36976. The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability described as critical has been identified in Apple macOS. This affects an unknown function of the component libarchive. The manipulation results in memory corruption. This vulnerability is known as CVE-2021-36976. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is recommended.

A vulnerability described as problematic has been identified in SQLite 3.36.0. The affected element is the function idxGetTableInfo of the component SQL Query Handler. Executing manipulation can lead to denial of service. This vulnerability is handled as CVE-2021-36690. The attack can only be done within the local network. There is not any exploit available. There is ongoing doubt regarding the real existence of this vulnerability.

A vulnerability was found in Apple macOS. It has been rated as critical. This vulnerability affects unknown code of the component SQLite. This manipulation causes denial of service. The identification of this vulnerability is CVE-2021-36690. It is possible to initiate the attack remotely. There is no exploit available. It is still unclear if this vulnerability genuinely exists. Upgrading the affected component is advised.

In financial services, application security risk is becoming a long game. Fewer flaws appear in new code, but old ones linger longer, creating a kind of software “interest” that keeps growing, according to Veracode’s 2025 State of Software Security report. Researchers analyzed data from more than 1.3 million applications and 126 million security findings. Financial institutions perform better than average at preventing severe vulnerabilities, but they are slower to fix them and carry more long-term … More →

The post Financial services can’t shake security debt appeared first on Help Net Security.

操作PEB（进程环境块）和EAT（导出地址表），我们可以实现隐蔽和API绕过

在社会工程学（社工）钓鱼攻击中，通过视觉欺骗“伪造”文件名称后缀是一种常见的手法，其主要目的是误导受害者，让他们误以为文件是安全无害的，从而点击打开或执行该文件。这种技术利用了人们对文件类型和扩展名的信任，以及对特定格式文件的熟悉度来掩盖恶意内容的真实性质。

2025年第三届陇剑杯网络安全大赛 RHG决赛wp

Polar2025秋季个人挑战赛web

项目地址 https://github.com/DERE-ad2001/Frida-Labs

流量样本涉及到webshell流量、CS流量的识别、解密及分析，感觉跟实战很接近，和各位师傅分享下分析思路。

前言书接上文，高级进程注入之利用线程名和APC实现进程注入（上）：https://xz.aliyun.com/news/18877上文中已经介绍了相关的API，本文会讲述利用线程名注入的实现细节，相比较传统的进程注入需要创建线程，这是一个不需要创建线程的新技术介绍通常，向一个进程的内存写入内容，需要我们在打开进程句柄时带有写权限，PROCESS_VM_WRITE，但这可能被AV/EDR视为可疑指标

由于国内大部分src厂商不收取内容安全漏洞，所以分享一次某大厂自研大模型的一次实战通过提示词注入导致弹xss弹cookie。

N1CTF Junior re pyramid

本文介绍了一种通过动态获取SSN和系统调用地址实现间接系统调用的方法，利用汇编跳转绕过API Hook，提升对抗EDR/AV的能力。

COS提权与利用解密脚本下面 xor 后的三个结果分别是 ak，sk，session token，配置下 secretid 和 secretkey（开了几次环境，所以下面ak和sk可能会有变化）token 需要手动去配置下后续发现很多命令有问题，还是用 aws 吧先看下当前用户，这里报错是因为腾讯云 STS API 不是 S3 协议兼容的，而是走的 TC3-HMAC-SHA256 签名体系可以用

前几天都在研究高版本的fastjson，都知道高版本的fastjson对于@type多了非常多的限制，导致反序列化漏洞越来越难，特别是白名单让漏洞更难利用，不过需要探测 fastjson 是作为打入的第一道关卡，探测的手法也多种多样，下面来分析一个畸形 payload ，不符合 json 格式但是任然能够解析

Cybersecurity Architect Alstom | France | On-site – View job details As a Cybersecurity Architect, you will analyze solutions, identify associated risks, and propose security architecture models by involving various cybersecurity experts (network, IAM, SIEM, SOC, etc.) and applying the cybersecurity models approved by Alstom. You will assess deviations from security policies to grant or deny exemptions based on the risk level and the associated remediation plan. Cybersecurity Expert Parsons Corporation | UAE | On-site … More →

The post Cybersecurity jobs available right now: November 4, 2025 appeared first on Help Net Security.

У вас есть VPN и EDR? Значит вы инвестировали в защиту, которую обходят обычной авторизацией.