Aggregator

New Charon ransomware targets Middle East public sector and aviation, using APT-style tactics, EDR evasion, and victim-specific ransom notes. Cybersecurity researchers have discovered a new campaign that employs a previously undocumented ransomware family called Charon to target the Middle East’s public sector and aviation industry. The threat actor behind the activity, according to Trend Micro, […]

Charon 勒索软件针对中东公共部门和航空业发起定向攻击，采用 DLL 侧加载、进程注入和 EDR 规避等 APT 式战术，并通过定制勒索信息和部分加密技术增加破坏性。

文章指出，在现代开发环境中，敏感信息不再局限于代码仓库，而是广泛存在于聊天平台、文档工具、容器镜像等地方。GitGuardian通过“Bring Your Own Source”计划提供灵活的解决方案，帮助组织扩展敏感信息检测范围，并提升整体安全态势。

本周，互联网网络安全态势整体评价为良。

A vulnerability was found in TRENDnet TEW-690AP, TEW-691GR and TEW-692GR. It has been classified as critical. Affected is an unknown function of the component Telnet Service. The manipulation as part of Parameter leads to improper authentication. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is traded as CVE-2013-3367. It is possible to launch the attack remotely. There is no exploit available.

Канал ссылается на источники, знакомые с итогами переговоров в правительстве.

Bellingcat的Auto Archiver是一款用于保存在线数字内容的工具，自2022年推出以来已保存超15万网页和社交媒体帖子。该工具被记者、NGO及研究人员用于记录快速事件、收集证据及监控冲突影响。最新版本新增模块化架构、用户友好界面及文档功能，支持团队协作与自动化存档。

Harmonic Security最新季度报告指出，大量员工在使用生成式AI（GenAI）工具和集成AI功能的SaaS应用时，无意中提交了包含敏感信息的文件和请求，导致数据暴露风险显著上升。

Meta 旗下微博客服务 Threads 月活跃用户数突破 4 亿，而今年五月公布的数据是 3.5 亿，意味着三个月增加 5000 万。此外移动端的日活用户数缩小了与最主要竞争对手 X/Twitter 的差距。根据 X 前 CEO Linda Yaccarino 透露的数字，X 的月活用户数超过 6 亿。根据 Similarweb 的最新数据，Threads 在移动设备上的日活跃用户数接近 X。2025 年 6 月，Threads 的 iOS 和 Android 应用日活跃用户数为 1.151亿，同比增长127.8%。X 的日活跃用户数 1.32 亿，同比下降 15.2%。Similarweb 的数据显示，X 的日访问量远远领先于Threads，X 在  6 月的全球日均访问量为 1.458 亿，而 Threads 仅为 690 万。

Authorities in Saint Paul, Minnesota, are still grappling with the aftermath of a cyberattack that crippled large portions of the city’s municipal operations. Responsibility for the incident has been claimed by the hacking group...

The post Saint Paul Cyberattack Disrupts City, Interlock Ransomware Group Claims 43GB Data Theft appeared first on Penetration Testing Tools.

U.S. authorities have disclosed the details of a July operation against the BlackSuit ransomware syndicate, a coordinated strike that dismantled the group’s infrastructure and seized its digital assets. On July 24, in an internationally...

The post Law Enforcement Dismantles BlackSuit Ransomware, Seizing Servers and $1M in Crypto appeared first on Penetration Testing Tools.

OpenAI 更新 ChatGPT 至 GPT-5，新增自动、快速、思考模式。免费用户每周最多发送 3000 条思考消息，超出后切换至 GPT-5 Thinking mini。付费用户可选择 GPT-4o、4.1 等模型。上下文窗口扩大至 19.6 万个 tokens，并根据反馈持续优化模型体验。

Patch Tuesday — когда у Windows день стирки, а белья слишком много.

The North Korean cyber-espionage group Kimsuky has unexpectedly found itself in the role of victim after two hackers — identifying themselves as the “antithesis of Kimsuky’s values” — infiltrated its infrastructure and released stolen...

The post Kimsuky Hacked: Hackers Leak 8.9GB of Stolen Data and Tools from North Korean Group appeared first on Penetration Testing Tools.

The ESET research team has published a detailed analysis revealing how the cyber-espionage group RomCom exploited a previously unknown path-traversal vulnerability in WinRAR (CVE-2025-8088) to stealthily install malicious software on victims’ computers. This flaw...

The post WinRAR Zero-Day (CVE-2025-8088) Exploited by RomCom Hackers, ESET Warns appeared first on Penetration Testing Tools.

Researchers have determined that a critical flaw in the SSH stack implementation of Erlang/Open Telecom Platform had been actively exploited as early as May 2025, with roughly 70% of detections targeting firewalls safeguarding industrial...

The post Critical Erlang/OTP Flaw (CVE-2025-32433) Actively Exploited, Poses Major Threat to Industrial Networks appeared first on Penetration Testing Tools.

A vulnerability, which was classified as critical, has been found in Advanced File Manager Plugin on WordPress. This issue affects some unknown processing. The manipulation leads to path traversal. The identification of this vulnerability is CVE-2025-0818. The attack may be initiated remotely. There is no exploit available.