Aggregator

Python developers face a growing threat from typosquatted packages in the Python Package Index (PyPI), with malicious actors increasingly targeting this trusted repository to distribute sophisticated malware. Recent discoveries have exposed a concerning trend where threat actors create packages that closely mimic legitimate libraries, using slight spelling variations to trick unsuspecting developers into installing harmful […]

The post Beware of Typosquatted Malicious PyPI Packages That Delivers SilentSync RAT appeared first on Cyber Security News.

A critical security vulnerability has been discovered in PureVPN’s Linux clients that exposes users’ real IPv6 addresses during network reconnections, undermining the privacy protections that users expect from their VPN service. The vulnerability affects both the graphical user interface (GUI version 2.10.0) and command-line interface (CLI version 2.0.1) on Linux systems, specifically tested on Ubuntu […]

The post PureVPN Vulnerability Reveals IPv6 Address While Reconnecting to Wi-Fi appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Gurucul released its AI Insider Risk Management (AI-IRM) product, which extends autonomous triage, bias-free risk scoring, context-rich investigation, and human-AI collaboration to automate response workflows directly within insider risk operations. Organizations face a rise in insider threats, from employees, contractors and third parties to non-human accounts and AI agents. According to Cybersecurity Insiders’ 2024 Insider Threat Report, 83% of organizations reported at least one insider attack in the past year. Until now, teams struggled with … More →

The post Gurucul’s AI-IRM accelerates insider risk detection appeared first on Help Net Security.

Raven Stealer has emerged as a potent information‐stealing threat targeting users of Chromium‐based browsers, most notably Google Chrome. First observed in mid-2025, this lightweight malware distinguishes itself through a modular architecture and stealthy design, allowing it to harvest sensitive information without alerting victims. Delivered predominantly via cracked software bundles and underground forums, Raven Stealer capitalizes […]

The post Raven Stealer Attacking Google Chrome Users to Steal Sensitive Data appeared first on Cyber Security News.

QuSecure launched QuProtect R3, an integrated, production-ready PQC platform designed to simplify encryption modernization for everyone. With the platform’s Reconnaissance innovation, a complimentary module for qualified companies, QuProtect R3 delivers visibility into vulnerable encryption across modern, legacy and cloud systems. Security teams that once spent months and millions compiling a cryptographic bill of materials (CBOM) can now discover their encryption landscape in days, prioritize the highest-risk systems and act without disrupting operations. “Henry Ford, the … More →

The post QuProtect R3 provides encryption visibility across systems appeared first on Help Net Security.

Jenkins has released critical updates addressing four security flaws that unauthenticated and low-privileged attackers could exploit to disrupt service or glean sensitive configuration details.  Administrators running Jenkins weekly releases up to 2.527 or the Long-Term Support (LTS) stream up to 2.516.2 must upgrade to mitigate these risks. HTTP/2 Denial of Service (CVE-2025-5115) A high-severity issue […]

The post Jenkins Patches Multiple Vulnerabilities that Allow Attackers to Cause a Denial of Service appeared first on Cyber Security News.

Researchers have uncovered a zero-day vulnerability in TP-Link routers that allows attackers to bypass Address Space Layout Randomization (ASLR) and execute arbitrary code remotely. Tracked as CVE-2025-9961, this flaw resides in the CWMP (TR-069) binary and can be triggered through malformed SOAP requests, granting full control of affected devices. A detailed technical walkthrough of discovery, […]

The post TP-Link Router Zero-Day Lets Attackers Execute Code by Bypassing ASLR appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

近日，Flowise 发布更新修复高风险漏洞，攻击者可以利用该漏洞读取服务器上任意文件。建议您及时开展安全风险自查。

Flowise 是一个开源的、可视化的 LLM 应用构建平台，专为 LangChain.js 打造，支持通过拖拽组件的方式快速构建聊天机器人、问答系统、嵌入式 AI 服务等。它极大降低了构建 LLM 应用的门槛，适合开发者、数据科学家以及产品团队进行原型设计与部署。

据描述，Flowise 存在一个严重的任意文件读取漏洞，攻击者可通过未授权访问以下两个 API 接口：

攻击者可构造恶意 chatId 参数（如 ../../）绕过路径校验机制，读取服务器本地任意文件。默认部署情况下，可直接读取。/root/.flowise/database.sqlite —— 包含所有数据库内容，包括 API 密钥、用户数据等敏感信息。该漏洞利用了 fallback 路径逻辑，在文件未找到时会尝试去除 orgId 并重新拼接路径，从而绕过原有的目录限制校验。

漏洞影响的产品和版本：

Flowise <= 3.0.5

据daydaymap数据显示互联网存在5,587个资产，风险资产分布情况如下。

▪ 临时缓解方案

限制公网访问相关 API 接口，建议通过防火墙或网关进行访问控制。

审计历史访问日志，排查是否存在异常文件读取行为。

更换 API 密钥，如怀疑数据库已被读取。

启用 Web 应用防火墙（WAF），拦截路径穿越类请求

▪ 升级修复

立即升级 Flowise 至 v3.0.6 或以上版本

原文链接

Druva released Dru MetaGraph, a secure, tenant-specific, graph-powered foundation for real-time data intelligence, and two new DruAI Agents: Insights Agent and Lifecycle Agent. Together, these innovations can help customers uncover insights near-instantly, simplify decision-making, and act across cyber, compliance, and operational workflows. Historically, backup intelligence has been limited to static dashboards and siloed reports, putting the burden on teams to piece together insights across multiple tools or wait for days or weeks until data analysts … More →

The post DruAI Agents and MetaGraph deliver real-time data intelligence appeared first on Help Net Security.

 WatchGuard released an advisory detailing a critical vulnerability in its Firebox line of network security appliances. Tracked as CVE-2025-9242, the flaw resides in the iked component of WatchGuard’s Fireware OS. An out-of-bounds write in the IKEv2 handling routine can allow a remote, unauthenticated attacker to execute arbitrary code on affected devices. Overview of the Vulnerability […]

The post Critical WatchGuard Vulnerability Lets Unauthenticated Attackers Run Arbitrary Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

近日，数说安全正式发布“2025年中国网络安全市场100强”企业、“2025中国网安新势力30强”企业。国投智能股份凭借资源支撑力、市场表现力等方面的综合实力，入选“2025年中国网络安全市场100强”，总体安全实力获高度认可。

《2025年中国网络安全市场100强》自2025年6月启动调研，调研对象为国内注册、以网络安全为主营业务的企业。评选紧密结合我国网络安全产业特色，以资源支撑力和市场表现力两个关键维度对参选企业进行全面评估。调研结果结合企业所提供的调研数据、相关公开数据、赛博慧眼CSRadar商业分析平台的市场成交数据等信息，根据数说安全网络安全市场与企业竞争力分析方法评价分析得出。

“数说安全”表示：网络安全市场结构正在经历深刻转变。在当前市场环境不佳的情况下，具备更强抗风险能力的企业更有可能脱颖而出并持续发展。领先企业与其他竞争者之间的差距扩大趋势有所放缓，市场格局呈现新的变化。国投智能股份将继续秉承“数据更智能、网络更安全”的企业使命，不断深耕网络安全技术，发展新质生产力，护航数字经济高质量发展。

LDAP Nom Nom Anonymously bruteforce Active Directory usernames from Domain Controllers by abusing LDAP Ping requests (cLDAP) Looks

The post ldapnomnom: Anonymously bruteforce Active Directory username appeared first on Penetration Testing Tools.

8月27日，《广西法治报》头版刊发专题文章《“AI智能+”辅助公安执法办案》，聚焦广西柳州市鹿寨县公安局借助AI科技赋能，成功研发“鹿警智讯”系统，助力执法办案的创新实践。

文中列举了诸多实例：“根据AI系统指引，办案民警调整讯问策略层层举证、精准追问，2小时内突破僵局”“告别数据分析人海战术，10分钟生成专业报告”……在执法质量与效率显著提升的背后，美亚柏科凭借深厚的技术积累，在与鹿寨县公安局的合作中积极作为，为“鹿警智讯”系统的成功落地提供了坚实的技术底座，贡献了关键力量。

“鹿警智讯”系统是在美亚智问系统基础上研发而成。美亚智问系统作为一款专为派出所、执法办案中心等基层办案单位量身打造的智能问询系统，借助AI大模型的强大能力，能够智能分析电子取证数据，为民警问询工作提供有力辅助。该系统创新构建了智能审讯模式，不仅能为民警提供询问思路建议，精准判断嫌疑人是否说谎，还具备一键生成笔录功能，极大提升了办案人员的审讯效率与办案质量。

该系统能够有效破解执法办案中手机采集数据线索挖掘不足、侦查研判缺乏支撑等难题，充分激活电子数据在案件问询侦办中的价值，已辅助某地执法部门实战一千余起，实现笔录制作时间缩短30%、涉案人员打处率提升25%，并荣获某省“科技兴警”一等奖。

以下为《广西法治报》报道原文：

民警运用“鹿警智讯”系统辅助执法办案。

“嫌疑人供述与已固定证据存在矛盾，建议围绕疑点补充追问，完善证据链!”

近日，鹿寨县公安局一审讯室内，电脑屏幕实时弹出一行智能提示。根据 AI系统指引，办案民警调整讯问策略层层举证、精准追问，2小时内突破僵局。这是该局运用自主研发的“鹿警智讯”系统提升执法办案效能的日常场景，也是科技赋能执法规范化的创新实践，标志着全区公安系统首个“AI智能+”执法办案系统成功运行。

近年来，鹿寨县公安局紧紧围绕“提升公安机关新质战斗力”目标，通过深入基层调研和执法监督，发现民警日常办案普遍面临三大痛点：涉案信息人工分析耗时费力、多系统兼容性差影响工作效率、笔录文书制作效率低下。

针对这些痛点，鹿寨县公安局与科技公司携手攻关，于今年8月成功研发“鹿警智讯”系统。该系统具备“线索研判、审讯辅助、文书规范”三大核心功能，在案件侦办各环节提供精准支持，推动执法工作从“经验驱动”向“数据驱动”转型升级，实现执法质量与效率双提升。

审讯前置，“智能中枢”夯实办案基础。“过去分析涉案信息，需要3名民警通宵奋战才能理出线索，现在系统10分钟就能生成专业报告。”办案民警对“鹿警智讯”的线索研判能力给予高度评价。

审讯开始前，系统扮演“精准化线索中枢”角色，民警导入涉案信息，系统即可自动进行数据碰撞比对，通过多维度建模绘制出嫌疑人关系网和行为轨迹图，深度挖掘隐藏线索。

数据显示，系统生成研判报告的效率较人工提升3倍以上，彻底告别“人海战术”式数据分析，民警从繁琐信息处理中解脱出来，专注于案件侦查核心环节。

审讯攻坚，“隐形军师”提升办案质效。“面对嫌疑人狡辩时，系统实时推送最佳讯问策略，即使是我这样的新手也能快速找到突破口。”一位年轻民警分享使用体验。参与重大案件侦办的民警不禁感叹道：“曾经需要昼夜不停查阅海量笔录寻找疑点，现在系统几分钟就能完成交叉比对，我们切实感受到了科技带来的改变。”

审讯过程中，“鹿警智讯”化身“专业化信息支撑平台”：系统内置百万份讯问笔录和海量模板，全面覆盖行政违法和刑事犯罪场景；嫌疑人抵赖或避重就轻时，系统可实时分析案情、交叉比对同案笔录，为民警提供精准讯问方向。该系统不断优化升级，通过不断扩充数据库和算法模型，能够实现综合分析研判案情，并自动推送立案标准和案件定性指导意见，全面提升执法质效。

在文书制作环节，系统通过语音实时转写替代传统手写录入，并智能识别笔录中的逻辑漏洞、语句错误和格式问题，实时标红提醒，复杂案件的文书制作时间较以往缩短30%以上，有效解决“新手不会办、老手办得慢”的困境。

“以往办理一个案件需要在5个系统间来回切换，现在一个界面就能完成所有操作!”基层民警的感受直观反映了系统带来的便利。针对“多系统切换、审批繁琐”等痛点，“鹿警智讯”打造“一站式办案平台”，整合信息查询、数据取证、案件审批流转等功能，实现“单界面操作、全流程闭环管理”，民警无需反复登录不同平台即可完成证据调取、审批上报等操作，办案效率显著提升，切实为基层民警减负增效。