Aggregator
Canadian police "Project Lighthouse" operation busts fake base station gang
1 month 3 weeks ago
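Toronto police recently arrested several suspects in an unprecedented investigation named "Project Lighthouse". The investigation targeted a mobile-network crime tool called an "SMS blaster", a type of tool that had never before been found in Canada.
The investigation was carried out jointly by the RCMP's National Cybercrime Coordination Centre (NC3), Federal Policing Central Region, York Regional Police, Hamilton Police Service, major financial institutions and telecommunications partners.
An SMS blaster is a device that imitates a legitimate cellular base station. Once activated, it causes nearby phones to connect to its own network instead of the real one. Once connected, the device sends fraudulent text messages that appear to come from trusted organizations such as banks or service providers. These messages usually contain links to fake websites designed to steal personal, financial or login information, a technique commonly known as "smishing".
In November 2025, a cybersecurity partner reported to law enforcement that a mobile SMS blaster had been found in downtown Toronto. Over the following months, the device was detected at multiple locations across the Greater Toronto Area.
Investigators determined that tens of thousands of mobile devices connected to the blaster during this period. In addition, more than 13 million network disruptions were recorded. These disruptions may have left affected devices temporarily unable to connect to a legitimate cellular network, including limiting users' ability to call emergency services such as 911, for periods ranging from a few seconds to a few minutes.
On March 31, 2026, investigators executed Criminal Code search warrants at residences in Markham and Hamilton. Two men were arrested, and police seized a large amount of electronic evidence, including several mobile SMS blasters.
On April 21, 2026, a third man turned himself in to police.
The three men currently face a total of 44 charges, including use of a computer system with intent to commit an offence, interception of private communications, fraud and mischief. The three men are:
Dafeng Lin (林大峰), 27, of Hamilton
Junmin Shi (石俊敏), 25, of Markham
Weitong Hu (胡伟通), 21, of Markham
Canadian police stated that this investigation highlights the evolving nature of cybercrime and the growing use of advanced technology to target the public at scale.
[smug] But the most interesting part is:
In the police photos, Uncle Yang (杨叔) noticed that the equipment in this case is exactly the same as that used by a gang that ran scams with fake base stations (BTS), which the Malaysian Communications and Multimedia Commission (MCMC) dismantled in Genting Highlands in January this year.
As someone who took part in the forensics for the first fake base station case in a certain province in China back in 2011, Uncle Yang sincerely hopes Canadian police can handle this wave: a black-market trend that is clearly expanding its sales outlets rapidly from Southeast Asia to North America~ [let me see] [doge]
#PrivacyProtection #InformationSecurity #OverseasSecurity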
CNVD Vulnerability Weekly Report, 2026 Issue 16
1 month 3 weeks ago
Made one post on "Xiaomoushu" (小某书), and the SSH private key was stolen
1 month 3 weeks ago
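Recently, ThreatBook (微步) SafeSkill discovered a highly representative malicious Skill during a routine detection.
Xiaohongshu: content to carry AI labels, opposes AI fakery; Xiaomi's all-new robot unveiled; WeChat 15th-anniversary sun-protection jacket goes on sale for 238 yuan | Geek Early Briefing (极客早知道)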
1 month 3 weeks ago
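Alibaba HappyHorse in gray-release testing, 720P video generation as low as 0.44 yuan/second; China prohibits foreign acquisition of the Manus project; GPTImage2 becomes a cyber fortune-teller and reads Musk's face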
Chinese national extradited to US for pandemic-era Silk Typhoon attacks
1 month 3 weeks ago
Xu Zewei was allegedly directed by China’s intelligence services to conduct a sweeping espionage campaign to steal data on COVID-19 research and other U.S. policy interests.
The post Chinese national extradited to US for pandemic-era Silk Typhoon attacks appeared first on CyberScoop.
Matt Kapko
The AI era is here! How should universities comprehensively upgrade their computing power, networks and security?
1 month 3 weeks ago
Helping "AI + education" take root.
Robinhood account creation flaw abused to send phishing emails
1 month 3 weeks ago
Online trading platform Robinhood's account creation process was exploited by threat actors to inject phishing messages into legitimate emails, tricking users into believing their accounts had suspicious activity. [...]
Lawrence Abrams
Qilin
1 month 3 weeks ago
cohenido
Daily Dose of Dark Web Informer - April 27th, 2026
1 month 3 weeks ago
This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
Dark Web Informer
CVE-2026-7191 | AWS Solutions qnabot-on-aws up to 7.2.4 Content Designer Interface code injection (EUVD-2026-25921)
1 month 3 weeks ago
A vulnerability labeled as critical has been found in AWS Solutions qnabot-on-aws up to 7.2.4. This issue affects some unknown processing of the component Content Designer Interface. The manipulation results in code injection.
This vulnerability is known as CVE-2026-7191. It is possible to launch the attack remotely. No exploit is available.
The affected component should be upgraded.
vuldb.com
CVE-2026-29971 | WebFileSys 2.31.1 cross site scripting (EUVD-2026-25916)
1 month 3 weeks ago
A vulnerability identified as problematic has been detected in WebFileSys 2.31.1. This vulnerability affects unknown code. The manipulation leads to cross site scripting.
This vulnerability is traded as CVE-2026-29971. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2026-5362 | Pimcore 12.3.3 cross site scripting (EUVD-2026-25917)
1 month 3 weeks ago
A vulnerability categorized as problematic has been discovered in Pimcore 12.3.3. This affects an unknown part. Executing a manipulation can lead to cross site scripting.
This vulnerability appears as CVE-2026-5362. The attack may be performed remotely. There is no available exploit.
vuldb.com
CVE-2026-5394 | Pimcore 12.3.3 DataObject sql injection
1 month 3 weeks ago
A vulnerability was found in Pimcore 12.3.3. It has been rated as critical. Affected by this issue is the function DataObject. Performing a manipulation results in SQL injection.
This vulnerability is reported as CVE-2026-5394. The attack can be carried out remotely. No exploit exists.
vuldb.com
CVE-2024-46636 | NASA MODAPS 8.1 Category sql injection
1 month 3 weeks ago
A vulnerability was found in NASA MODAPS 8.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality. Such manipulation of the argument Category leads to SQL injection.
This vulnerability is documented as CVE-2024-46636. The attack can be executed remotely. There is not any exploit available.
vuldb.com
CVE-2026-3087 | Python CPython ZIP Archive shutil.unpack_archive path traversal (ID 146581)
1 month 3 weeks ago
A vulnerability was found in Python CPython. It has been classified as critical. Affected is the function shutil.unpack_archive of the component ZIP Archive Handler. This manipulation causes path traversal.
This vulnerability is registered as CVE-2026-3087. Remote exploitation of the attack is possible. No exploit is available.
To fix this issue, it is recommended to deploy a patch.
vuldb.com
CVE-2026-6741 | LatePoint Plugin up to 5.4.1 on WordPress execute privileges management
1 month 3 weeks ago
A vulnerability was found in LatePoint Plugin up to 5.4.1 on WordPress and classified as critical. This impacts the function execute. The manipulation results in improper privilege management.
This vulnerability is cataloged as CVE-2026-6741. The attack may be launched remotely. There is no exploit available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2025-69428 | Pro-Bit up to 1.77.3 information disclosure
1 month 3 weeks ago
A vulnerability has been found in Pro-Bit up to 1.77.3 and classified as problematic. This affects an unknown function. The manipulation leads to information disclosure.
This vulnerability is listed as CVE-2025-69428. The attack may be initiated remotely. There is no available exploit.
The affected component should be upgraded.
vuldb.com
CVE-2026-40970 | VMware Spring Boot up to 4.0.5 Elasticsearch Auto-configuration certificate validation
1 month 3 weeks ago
A vulnerability, which was classified as critical, was found in VMware Spring Boot up to 4.0.5. The impacted element is an unknown function of the component Elasticsearch Auto-configuration. Executing a manipulation can lead to improper certificate validation.
This vulnerability is tracked as CVE-2026-40970. The attack can be launched remotely. No exploit exists.
You should upgrade the affected component.
vuldb.com
CVE-2026-32655 | Dell Alienware Command Center up to 6.13.8.0 least privilege violation (dsa-2026-192)
1 month 3 weeks ago
A vulnerability, which was classified as problematic, has been found in Dell Alienware Command Center up to 6.13.8.0. The affected element is an unknown function. Performing a manipulation results in least privilege violation.
This vulnerability is identified as CVE-2026-32655. The attack is only possible with local access. There is not any exploit available.
It is advisable to upgrade the affected component.
vuldb.com