Aggregator

Google 每年平均收到的 XSS 漏洞报告不到一个，不是每个应用程序，而是所有应用程序加起来！

Фундаментальная проблема хеш-таблиц получила неожиданное решение.

The Electronic Frontier Foundation has requested a US federal court to block Elon Musk’s DOGE access to US Office of Personnel Management Data

Security researchers from Korea University have successfully demonstrated a groundbreaking attack, dubbed SysBumps, which bypasses Kernel Address Space Layout Randomization (KASLR) in macOS systems powered by Apple Silicon processors. This marks the first successful breach of KASLR on Apple’s proprietary ARM-based architecture, revealing significant vulnerabilities in the kernel hardening mechanisms of modern macOS systems. KASLR […]

The post Breaking macOS Apple Silicon Kernel Hardening: KASLR Exploited appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

本文描述DeepSeek云端多种搭建方法，希望对您有帮助！

本文描述DeepSeek云端多种搭建方法，希望对您有帮助！

本文描述DeepSeek云端多种搭建方法，希望对您有帮助！

A newly discovered malware, named FINALDRAFT, has been identified leveraging Microsoft Outlook as a command-and-control (C2) communication channel through the Microsoft Graph API. This sophisticated malware was uncovered by Elastic Security Labs during an investigation targeting a foreign ministry. The discovery highlights the growing trend of cybercriminals exploiting legitimate cloud services for covert operations, blending […]

The post New Malware Abuses Microsoft Graph API to Communicate via Outlook appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

【2025春节】解题领红包活动 最终排行榜 活动已结束，论坛已被大牛们的解题分享贴屠版，欢迎分享解题思路，相互学习逆向经验，目前题目还可以试炼，系统依然支持提交验证答案，但已无大额奖励，活动系统延时到2月20日0点下线。 题目已打包放到爱盘供大家下载学习： https://down.52pojie.cn/Challenge/Happy_New_Year_2025_Challenge.rar

Palo Alto Networks has fixed a high-severity authentication bypass vulnerability (CVE-2025-0108) in the management web interface of its next-gen firewalls, a proof-of-concept exploit (PoC) for which has been made public. “Palo Alto Networks is not aware of any malicious exploitation of this issue,” the company says. Fixed PAN-OS vulnerabilities (and unexpected reboots) CVE-2025-0108 was discovered by Assetnote researchers aftey they decided to analyze the patches for CVE-2024-0012 and CVE-2024-9474, which have been exploited by attackers … More →

The post PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) appeared first on Help Net Security.

首先需要分析加密函数，找到加密函数里边加密前的明文字符串变量。

AI is everywhere now, transforming how businesses operate and how users engage with apps, devices, and services. A lot of applications now have some Artificial Intelligence inside, whether supporting a chat interface, intelligently analyzing data or matching user preferences. No question AI benefits users, but it also brings new security challenges, especially Identity-related security

Serious security vulnerabilities have been uncovered in the popular social media and content-sharing app, RedNote, compromising the privacy and security of millions of users globally. Researchers revealed critical flaws allowing attackers to intercept sensitive user data, access device files, and exploit insecure encryption mechanisms on iOS and Android platforms. The app’s use of inadequate cryptographic […]

The post RedNote App Security Flaw Exposes User Files on iOS and Android Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.