Aggregator

Tomcat Tribes 分布式通信节点反序列化分析

本文聚焦于深度神经网络的全生命周期安全，系统性地剖析了人工智能模型在推理、训练及隐私保护三大环节面临的威胁。文章首先从理论层面定义了攻击面，随后结合经典例题，深入阐述了对抗样本的扰动生成机理、数据投毒的后门植入逻辑以及梯度泄露的隐私复原数学原理

io_uring是Linux 5.1引入的高性能异步I/O框架，通过共享内存环形缓冲区实现用户态与内核态的零拷贝通信。

https://b01lersc.tf/challenges

Django 框架在使用 PostGIS 查询地理栅格（raster）数据时，若将未经验证的用户输入直接作为 band index（波段索引）参数，会引发 SQL 注入

结合简单模型实验，直指漏洞利用

该文章介绍了一道 Node.js CTF 题目的解题思路：攻击者首先利用 /changepassword 接口的 merge() 函数原型链污染漏洞，注入 isAdmin: true 提权为管理员；随后通过 CVE-2026-22709 绕过 vm2 沙箱执行任意命令；最后利用 root 权限的 /backup.sh 定时脚本，将 /flag 内容写入静态目录实现读取。核心链：原型污染提权 → v

2026软件安全赛半决赛PWN Robo_admin WP fix&break

这个题目考了花指令，魔改rc4，protobuf，纯字符shellcode，考的很多，这里借此简单的总结一下各个部分

一个自定义的序列化的题目

Ваш банк думает, что проверяет живого человека, а на самом деле дипфейк с паспортом из Telegram.

The cybersecurity industry of 2006 barely resembled today's billion-dollar behemoth. As part of Dark Reading's 20th anniversary celebration, we trace the industry's evolution through a technology lens.

New guidance explains how to design Zero Trust Network Access architectures aligned with zero trust principles and not built on old trust assumptions.

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

• CVE-2026-8398 Daemon Tools Lite Embedded Malicious Code Vulnerability
• CVE-2026-45321 TanStack Unspecified Vulnerability
• CVE-2026-48027 Nx Console Embedded Malicious Code Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

The FBI warned on Tuesday that the Silent Ransom Group (SRG) extortion gang is now targeting U.S.-based law firms in in-person data theft attacks. [...]

Attackers are hosting counterfeit installers and plugins on GitHub and SourceForge that pose as widely used software, including ChatGPT, Claude, AutoTune, Kontakt, Ableton Live, and ZENOLOGY. The downloads deliver a backdoor called DinDoor, which then loads a remote access Trojan built on the Deno JavaScript runtime, according to Malwarebytes. Compromised YouTube channels push victims toward the malicious repositories. The videos promoting the fake tools have accumulated more than 50,000 views. The attackers rotate through GitHub … More →

The post Fake ChatGPT and Claude installers on GitHub are dropping Deno RAT malware appeared first on Help Net Security.

CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous disruption of all command-and-control (C2) channels associated with GlassWorm, a persistent software chain campaign targeting software developers through malicious packages and extensions. "Since at least early 2025, GlassWorm operators have systematically targeted software developers, a

Most organizations still picture cyber defense as a fortress problem: build stronger walls, add more guards, buy another detection engine. But modern incidents rarely crash through the front gate. They drift in disguised as routine activity, hide inside legitimate processes, and quietly accumulate risk long before anyone labels them an "incident." That changes the role of the SOC entirely. The

Glassworm infected developers through poisoned tools and packages until a coordinated takedown killed all four of its C2 channels at once. On May 26, 2026, at 14:00 UTC, CrowdStrike Counter Adversary Operations team, working with Google and the Shadowserver Foundation, killed all four command-and-control channels of the Glassworm botnet at the same time. The timing […]

Как устроен самый богатый кошелёк, которым никто не может воспользоваться.