Aggregator

作者：Sree Bhargavi Balija, Raghu Bala, Rekha Singal, Ramesh Raskar, Erfan Darzi, Thomas Hardjono,Ken Huang 译者：知道创宇404实验室翻译组 原文链接：https://arxiv.org/html/2507.07901v3 摘要 人工智能代理生态系统的碎片化已经对互操作性、信任和经济协调产生...

Доверие к ИИ рухнуло за ночь. NVIDIA признала компрометацию своей платформы.

Ransomware Activity Trends 2025

Они превратили TikTok в банковский троян, а вы даже не заметили.

安全运营中心 （SOC） 团队正面临一个全新的挑战，传统的网络安全工具无法检测高级攻击者。

Google released its August 2025 Android Security Bulletin on August 4, revealing a critical vulnerability that poses significant risks to Android device users worldwide.  The most severe flaw, designated CVE-2025-48530, affects the core System component and could enable remote code execution without requiring any user interaction, making it particularly dangerous for millions of Android devices […]

The post Critical Android System Component Vulnerability Allows Remote Code Execution Without User Interaction appeared first on Cyber Security News.

根据国家信息安全漏洞库（CNNVD）统计，2025年7月采集安全漏洞3780个。

HackerNews 编译，转载请注明出处： Wiz研究团队在NVIDIA Triton推理服务器中发现一系列关键漏洞，该平台是用于大规模运行人工智能模型的开源解决方案。当这些漏洞被串联利用时，远程未授权攻击者可能完全控制服务器，实现远程代码执行（RCE）。 此攻击链始于服务器的Python后端，最初的小规模信息泄露会逐步升级为完整的系统入侵。这对使用Triton进行AI/ML的企业构成重大风险，成功攻击可能导致宝贵AI模型被盗、敏感数据泄露、AI模型响应被篡改，并为攻击者提供深入网络的立足点。 Wiz已向NVIDIA负贵披露这些发现，目前补丁已发布。我们感谢NVIDIA安全团队的高效协作与快速响应。NVIDIA为此漏洞链分配了以下标识符：CVE-2025-23319、CVE-2025-23320和CVE-2025-23334。强烈建议所有Triton用户升级至最新版本。本文概述这些新漏洞及其潜在影响。此研究是Wiz披露的系列NVIDIA漏洞中的最新成果，包括两个容器逃逸漏洞：CVE-2025-23266和CVE-2024-0132。 防护措施 立即升级：首要措施是根据NVIDIA安全公告将Triton服务器及Python后端升级至25.07版本。 Wiz客户可通过以下方式检测云环境中易受攻击的实例： 在漏洞发现页面筛选关键问题相关实例 使用安全图谱识别公开暴露的虚拟机/无服务器容器 高级客户可通过动态扫描器筛选已验证结果 传感器客户可筛选运行时验证结果 代码安全客户可通过一键修复生成代码库修复方案 Triton内部机制 Triton作为通用推理服务器，通过模块化后端系统支持主流AI框架（如PyTorch、TensorFlow）。当推理请求到达时，服务器自动将其路由至对应后端执行。本次研究聚焦Python后端——因其不仅是热门多功能后端，还是其他后端的依赖组件。该后端核心逻辑由C++实现，通过独立“存根”进程加载并执行模型代码。二者通过共享内存（/dev/shm）实现高速进程间通信(IPC)，依赖唯一系统路径访问内存区域。 漏洞链分析 第一步：后端共享内存名称泄露 通过发送特制超长请求触发异常，错误响应中意外暴露内部IPC共享内存区域的完整密钥（例如“triton_python_backend_shm_region_4f50c226-b3d0-46e8-ac59-d4690b28b859”）。此密钥本应保持私密，泄露构成攻击链的关键突破点。 第二步：滥用共享内存API实现任意读写 Triton提供面向用户的共享内存API以优化性能。攻击者利用泄露的内部密钥调用注册接口后，可构造推理请求操纵该内存区域。由于API未验证密钥归属，攻击者借此获得对Python后端私有内存的读写权限，包括其IPC控制结构。 第三步：实现远程代码执行的路径 通过篡改共享内存中的数据结构和指针（如MemoryShm、SendMessageBase），攻击者可触发越界内存访问。进一步操纵IPC消息队列可构造恶意指令，最终实现从内存破坏到逻辑漏洞的完整利用链（具体技术细节暂不公开）。 攻击影响 模型窃取：窃取专有高价值AI模型 数据泄露：截获模型处理的用户隐私或金融数据 结果操控：篡改AI输出以制造错误或恶意结果 横向移动：以受控服务器为跳点渗透内网 结论 此案例证明看似微小的漏洞串联可引发系统级入侵。Python后端的详细错误信息与主服务API的验证缺失，共同构成了完整的攻击路径。随着AI/ML的广泛部署，基础架构安全防护至关重要。       消息来源：wiz； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

От конфиденциальности до «копируй и вставляй» — один клик.

New flaws in NVIDIA’s Triton Server let remote attackers take over systems via RCE, posing major risks to AI infrastructure. Newly revealed security flaws in NVIDIA’s Triton Inference Server for Windows and Linux could let remote, unauthenticated attackers fully take over vulnerable servers. According to Wiz Research team, chaining these vulnerabilities enables remote code execution […]

A vulnerability was found in Apache OFBiz. It has been declared as critical. This vulnerability affects unknown code of the component scrum Plugin. The manipulation leads to Remote Code Execution. This vulnerability was named CVE-2025-54466. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Ebook Store Plugin up to 5.8013 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2025-54702. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in JetTabs Plugin up to 2.2.9.1 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-54687. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in WP LOL Rotation Plugin up to 1.0 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-49437. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in PressForward Plugin up to 5.9.1 on WordPress. Affected is an unknown function. The manipulation leads to server-side request forgery. This vulnerability is traded as CVE-2025-28987. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability classified as problematic was found in WPFunnels Plugin up to 3.5.26 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-54696. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in myCred Plugin up to 2.9.4.3 on WordPress. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2025-54668. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in WP Modal Popup with Cookie Integration Plugin up to 2.4 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-54683. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in JetEngine Plugin up to 3.7.1.2 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-54688. It is possible to initiate the attack remotely. There is no exploit available.