Aggregator

当前环境出现异常提示，需完成验证后才能继续访问。

当前环境异常，请完成验证后继续访问。

法学专论

司法人员必须立足微信聊天记录“迁移与备份”证据的特性，准确审查其合法性、真实性、关联性... ...

ArmouryLoader has once again captured the attention of cybersecurity experts, emerging as one of the most technically sophisticated malware loaders in recent memory. Its architecture reflects a mature approach to evading defenses, employing stealthy...

The post ArmouryLoader: New Sophisticated Malware Evades EDRs by Exploiting ASUS Gaming Software and OpenCL GPU Decryption appeared first on Penetration Testing Tools.

Amid a surge in malicious campaigns exploiting legitimate communication channels to evade traditional security measures, a new tool has drawn the attention of cybersecurity professionals—Raven Stealer. Emerging in July 2025, this information-stealing program has...

The post Raven Stealer Unmasked: New MaaS Infostealer Plunders Data via Reflective Process Hollowing & Telegram Exfil appeared first on Penetration Testing Tools.

Currently trending CVE - Hype Score: 4 - tj-actions/branch-names is a Github actions repository that contains workflows to retrieve branch or tag names with support for all events. In versions 8.2.1 and below, a critical vulnerability has been identified in the tj-actions/branch-names' GitHub Action workflow which ...

Currently trending CVE - Hype Score: 1 - XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 9.4-rc-1 through 16.10.5 and 17.0.0-rc-1 through 17.2.2, it's possible for anyone to inject SQL using the parameter sort of the getdeleteddocuments.vm. It's ...

A vulnerability, which was classified as critical, was found in Feng Office 3.11.1.2. Affected is an unknown function of the component Workspaces. The manipulation of the argument dim leads to sql injection. This vulnerability is traded as CVE-2024-6039. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Elaine Marketing Automation up to 6.18.17 and classified as problematic. This vulnerability affects unknown code of the file /system/interface/wrapper_dialog.php. The manipulation of the argument dialog leads to cross site scripting. This vulnerability was named CVE-2024-42831. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Drupal 11.x-dev and classified as problematic. This vulnerability affects the function hash_salt of the file core/authorize.php. The manipulation leads to information disclosure. This vulnerability was named CVE-2024-45440. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Adobe ColdFusion 2021 and ColdFusion 2023. It has been classified as critical. Affected is an unknown function. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2024-20767. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic was found in Xlightftpd Xlight FTP Server 1.1. This vulnerability affects unknown code of the component Login. The manipulation of the argument User leads to denial of service. This vulnerability was named CVE-2024-0737. The attack can be initiated remotely. Furthermore, there is an exploit available.

Evilent Coerce A practical NTLM relay attack using the MS-EVEN RPC protocol and antivirus-assisted coercion. Evilent is a PoC tool that triggers the ElfrOpenBELW procedure in the MS-EVEN RPC interface (used for Windows Event...

The post Evilent PoC Exposes Windows Event Log Vulnerability, Leaking NetNTLMv2 Credentials via SMB Share appeared first on Penetration Testing Tools.

What if defenders could prepare for new vulnerabilities before they’re disclosed? GreyNoise’s latest research reveals that spikes in attacker activity often precede the disclosure of new CVEs — typically within six weeks. These findings shed light on a narrow but reliable early warning signal, giving security teams a critical window to harden defenses, monitor closely, and act ahead of emerging threats.

Close the speed gap in your security. GreyNoise unveils new real-time dynamic blocklists, push-based threat intelligence feeds, and SOAR integrations to help defenders detect, block, and respond to automated attacks faster than ever.

让地下环隧管理系统安全、稳定、高速运行。

Cybersecurity experts have identified more than a dozen critical vulnerabilities within the Niagara Framework—a platform developed by Tridium, a subsidiary of Honeywell. This technology is extensively deployed in the automation and management of smart...

The post Critical Flaws (CVSS 9.8) in Honeywell’s Niagara Framework Expose Smart Buildings & Industrial Systems to Root Access appeared first on Penetration Testing Tools.

A vulnerability was found in Samsung Electronics MagicINFO 9 Server 21.1050/21.1052. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to path traversal. This vulnerability is known as CVE-2025-54438. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Samsung Electronics MagicINFO 9 Server 21.1050/21.1052. Affected is an unknown function. The manipulation leads to unrestricted upload. This vulnerability is traded as CVE-2025-54440. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.