Submit #777393: Tenda AC5 AC5 V1.0 V15.03.06.47 Buffer Overflow [Accepted]
Submit #777393 / VDB-353656
Aggregator
Submit #777381: Tenda AC5 AC5 V1.0 V15.03.06.47 Buffer Overflow [Accepted]
3 weeks 1 day ago
Submit #777381 / VDB-353655
wxhwxhwxh_mie
Submit #777380: Tenda AC5 AC5 V1.0 V15.03.06.47 Buffer Overflow [Accepted]
3 weeks 1 day ago
Submit #777380 / VDB-353654
wxhwxhwxh_mie
Submit #777378: Tenda AC5 AC5 V1.0 V15.03.06.47 Buffer Overflow [Accepted]
3 weeks 1 day ago
Submit #777378 / VDB-353653
wxhwxhwxh_mie
Submit #777379: Tenda AC5 AC5 V1.0 V15.03.06.47 Buffer Overflow [Duplicate]
3 weeks 1 day ago
Submit #777379 / VDB-236325
wxhwxhwxh_mie
【培训】开源情报分析师实战能力培训班-4月成都开班(有邀请函)
3 weeks 1 day ago
为进一步推动我国开源情报人才队伍建设,四川警察学院联合成都欧深特信息科技有限公司在成都校区(成都市双流区黄水镇云岭路36号)举办开源情报分析师实战能力培训班,第2期培训班定于2026年4月26日至5月1日举行。
【智能简报】全球安全态势报告3.25-3.26
3 weeks 1 day ago
全球预测机构已将2026年美国通胀预测上调至4.2%,远高于美联储预测(CNBC,14:02)——战争溢价正向美国物价传导。英国通胀亦面临"战争冲击引发的残酷飙升"风险(CNBC,2026-03-25)
PTC security advisory (AV26-282)
3 weeks 1 day ago
Canadian Centre for Cyber Security
UK sanctions Xinbi marketplace linked to Asian scam centers
3 weeks 1 day ago
The United Kingdom's Foreign, Commonwealth and Development Office (FCDO) has sanctioned Xinbi, a Chinese-language cryptocurrency-based online marketplace that sells stolen data and satellite internet equipment to scam networks in Southeast Asia. [...]
Sergiu Gatlan
Дрон со Starlink, дефибриллятором и 4K-камерой — это не военный беспилотник. Это то, что теперь летит на вызов 911 в США
3 weeks 1 day ago
Как Guardian спасает жизни за 10 минут до приезда скорой помощи.
Coruna框架与三角测量行动的技术同源性报告
3 weeks 1 day ago
本文是卡巴斯基全球研究与分析团队(GReAT)于 2026 年 3 月 26 日发布的技术分析报告,核心围绕 Coruna 漏洞利用框架展开,揭示了其与 iOS 定向 APT 攻击行动三角测量行动的深度同源关联
Coruna 是一套针对苹果 iPhone 设备的高复杂度漏洞利用工具包,其调试版本泄露了开发者的内部命名。
该工具包最初由某未具名监控软件供应商的客户用于定向攻击,后续扩散至其他攻击者,被用于乌克兰的水坑攻击、牟利型网络攻击,覆盖多类攻击场景与威胁主体。
相关阅读如下:
23个IOS漏洞打包的Coruna工具包,已完成从国家级到黑产的三级扩散
通过攻陷合法网站传播的新型iOS漏洞利用工具包DarkSword
与三角测量行动的核心关联
该框架使用了 CVE-2023-32434、CVE-2023-38606 两个漏洞,而这两个漏洞最早是以零日漏洞的形式,被用于卡巴斯基此前发现的 iOS 定向间谍活动三角测量行动。经技术分析确认,Coruna 中针对这两个漏洞的内核利用代码,正是三角测量行动所用漏洞利用程序的更新迭代版本。
且 Coruna 全量组件均与三角测量行动的漏洞利用框架共享底层代码、采用统一的设计架构,二者具备明确的同源性。
卡巴斯基还发现 Coruna 包含另外 4 个从未在三角测量行动中出现过的内核漏洞利用程序,其中 2 个是在三角测量行动被披露后开发的。
所有这些漏洞利用程序都基于同一套内核利用框架构建,共享通用代码。内核漏洞利用程序中的代码相似性,也能在 Coruna 的其他组件中找到。
这些发现让卡巴斯基得出结论:
这套漏洞利用工具包并非东拼西凑而成,而是采用统一的设计思路开发。卡巴斯基推断,它至少在一定程度上,就是三角测量行动所用漏洞利用框架的更新版本。
三角测量行动是典型的定向网络间谍活动,核心攻击目标为全球范围内的高价值个体与机构,包括外交人员、跨国企业高管、科研机构人员、媒体从业者、政府相关工作人员等。目前被普遍认为是美国NSA的所进行的攻击行动。
相关故事:
Coruna 间谍软件活动持续扩散,苹果破例为旧版iOS设备推送双版本安全补丁
框架能力与技术特性
从 Safari 浏览器初始打点,指纹识别目标环境、匹配对应远程代码执行(RCE)与指针认证码(PAC)绕过漏洞,到 Payload 下载解密攻击组件、执行内核漏洞提权,再到 Launcher 完成后渗透操作、植入间谍软件,形成全流程攻击闭环。
支持 ARM64/ARM64E 架构,适配 iOS 14~17.2 的多个系统版本,覆盖 A13 至 A17、M3 系列等多款苹果处理器。
CipherForce
3 weeks 1 day ago
You must login to view this content
cohenido
Pro-Ukraine hacker group Bearlyfy targets Russian companies with custom ransomware
3 weeks 1 day ago
A pro-Ukrainian hacker group known as Bearlyfy has carried out more than 70 cyberattacks against Russian companies over the past year and is now escalating its campaign with newly developed ransomware tools, researchers have found.
How Organizations Can Use Mistakes to Level Up Their Security Programs
3 weeks 1 day ago
Organizations repeatedly expose ports, reuse passwords, and skip patches, creating security gaps that attackers exploit for breaches. An industry veteran outlines ways to fix these common mistakes.
Arielle Waldman
APT73
3 weeks 1 day ago
You must login to view this content
cohenido
Apple rolls out age verification to UK iPhone users
3 weeks 1 day ago
The age filters will be turned on by default, meaning that all users — including adults — will have to prove their age via credit card and other payment methods on file or by submitting an ID to be scanned.
Космос наш, но по платной подписке. Правду о Ближнем Востоке теперь покупают у корпораций
3 weeks 1 day ago
Частные спутниковые компании ограничили доступ к данным для СМИ в интересах Пентагона.
AI-Based Threats Usher in 'Dark Period' for Cyber Defenders
3 weeks 1 day ago
NightDragon CEO Dave DeWalt on Perfect Storm of Risks, Attackers and Hybrid Warfare
Cybersecurity has entered a dark phase as AI-powered attackers outpace defense teams. Dave DeWalt of NightDragon outlines how hybrid warfare, critical infrastructure risks and rapid innovation are reshaping global security priorities.
Cybersecurity has entered a dark phase as AI-powered attackers outpace defense teams. Dave DeWalt of NightDragon outlines how hybrid warfare, critical infrastructure risks and rapid innovation are reshaping global security priorities.
CISA Forced Into 'Reactive' Cyber Posture Amid Shutdown
3 weeks 1 day ago
Acting Director Says Furloughs And Cuts Limit Proactive Cyber Defense
A prolonged Homeland Security department shutdown has sidelined much of the U.S. cyber defense agency, halting proactive cyber operations, delaying directives and weakening visibility into threats - conditions officials warn are increasing systemic risk across critical infrastructure.
A prolonged Homeland Security department shutdown has sidelined much of the U.S. cyber defense agency, halting proactive cyber operations, delaying directives and weakening visibility into threats - conditions officials warn are increasing systemic risk across critical infrastructure.
Why CISOs Need to Start Taking AI Third-Party Risk Seriously
3 weeks 1 day ago
Keyrock CISO David Cass on Managing Agentic AI Risk in Financial Services
As financial institutions accelerate AI adoption, traditional governance models are falling short. David Cass, CISO at Keyrock, explains why organizations must rethink accountability, asset visibility and identity controls to manage emerging risks from LLMs and agentic AI systems.
As financial institutions accelerate AI adoption, traditional governance models are falling short. David Cass, CISO at Keyrock, explains why organizations must rethink accountability, asset visibility and identity controls to manage emerging risks from LLMs and agentic AI systems.