Aggregator

上周关注度较高的产品安全漏洞(20260316-20260322)

国家信息安全漏洞共享平台（以下简称CNVD）本周共收集、整理信息安全漏洞476个，其中高危漏洞207个、中危漏洞243个、低危漏洞26个。

目录更新

首个利用调试器绕过Chrome新版加密的窃密木马。

以星为引，以技为名，我们在星盟，等每一个闪闪发光的你

看雪论坛作者ID：黎明与黄昏

Злоумышленники научились доставать секреты прямо из оперативной памяти серверов.

The U.S. Federal Bureau of Investigation (FBI) warned network defenders that Iranian hackers linked to the country's Ministry of Intelligence and Security (MOIS) are using Telegram in malware attacks. [...]

在 Google Pixel 10 系列手机之后，三星宣布其 Galaxy S26 系列手机正式支持 AirDrop。Google Android 平台工程副总裁 Eric Kay 此前表示今年会有更多 Android 设备支持 AirDrop。苹果 iPhone 的 AirDrop 以及 Android 的 Quick Share 被用于快速在设备之间分享文件，Galaxy S26 系列包括三个型号 Galaxy S26、Galaxy S26 Plus 和 Galaxy S26 Ultra，对 AirDrop 的支持将首先在韩国推出，然后扩大到美国等其它地区。三星其它型号的智能手机未来也可能支持 AirDrop。

A new wave of supply chain attacks is hitting the npm ecosystem through a self-propagating malware campaign known as CanisterWorm. The threat, linked to a group tracked as “TeamPCP,” compromises legitimate publisher namespaces and pushes poisoned package versions, effectively turning trusted developer tools into silent delivery mechanisms for credential-stealing code. CanisterWorm first came to public […]

The post New CanisterWorm Steals npm Tokens and Spreads Through Compromised Publisher Accounts appeared first on Cyber Security News.

Agentic AI安全元年，网络安全产业迎来范式重构

Iran-linked actors use Telegram as C2 to spread malware targeting dissidents and journalists, enabling surveillance and data theft. The FBI warns that Iran’s Ministry of Intelligence and Security (MOIS) runs cyber campaigns using Telegram as a command-and-control infrastructure to deliver malware. Threat actors target Iranian dissidents, journalists, and opposition groups worldwide. Once deployed, the malware […]

微软释出了紧急更新 KB5085516，修复三月例行安全更新 KB5079473 释出后出现的微软账号登录问题，该问题影响使用微软账号登录的应用如 Teams、OneDrive、Microsoft Edge、Microsoft 365 Copilot 以及 Excel 和 Word 等 Office 应用，当用户通过微软账号登录这些应用会返回错误信息，声称用户未连接到互联网。微软表示，使用 Microsoft Entra ID 登录的企业客户未受影响。

1.5倍好礼、新人好礼、联合大礼包等你来拿！

案例一“银狐”组织利用“IP-Guard等行为管理软件”获取用户电脑权限，记录用户电脑的日常操作，实现对用户电

A vulnerability labeled as problematic has been found in jsrsasign up to 11.1.0. This issue affects some unknown processing of the file ext/rsa.js of the component KEYUTIL Parser. The manipulation results in divide by zero. This vulnerability was named CVE-2026-4603. The attack needs to be approached locally. There is no available exploit. The affected component should be upgraded.

A vulnerability marked as problematic has been reported in jsrsasign up to 11.1.0. Impacted is the function KJUR.crypto.DSA.signWithMessageHash of the component Private Key Handler. This manipulation causes missing cryptographic step. The identification of this vulnerability is CVE-2026-4601. It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability described as problematic has been identified in jsrsasign up to 11.1.0. The affected element is an unknown function of the file ext/jsbn2.js. Such manipulation leads to incorrect conversion between numeric types. This vulnerability is referenced as CVE-2026-4602. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is recommended.