Aggregator

漏洞描述CAI 是一个人工智能安全的框架。在包括0.5.10版本及之前的版本中，CAI 框架的函数工具中包含多个参数注入漏洞。用户控制的输入通过“subprocess”直接传递给shell命令。Popen（）' 带有 'shell=True'，允许攻击者在主机系统上执行任意命令​漏洞影响评分：9.7版本：<=0.5.10漏洞分析攻击者创建一个看似正常的网络安全博客页面，将恶意指令隐藏在HTM

俄罗斯安全公司卡巴斯基发表了 Notepad++ 去年遭受供应链攻击的分析报告。安全研究人员发现，攻击者在 2025 年 7-10 月之间使用了三条感染链攻击十几台电脑，这些电脑属于：越南、萨尔瓦多和澳大利亚的个人；菲律宾的一家政府机构；萨尔瓦多的一家金融机构；越南的一家 IT 服务提供商。攻击者在 2025 年 7 月下旬首次部署了 Notepad++ 的恶意更新程序。恶意程序由合法的 Notepad++ 更新程序 GUP.exe 启动，启动之后会向攻击者发送包含系统信息的“心跳（heartbeat）”包，随后开始执行第二阶段的负荷。

漏洞描述Kyverno 是一个为云原生平台工程团队设计的策略引擎。1.16.3 和 1.15.3 之前的版本在命名空格的 Kyverno Policy apiCall 中设有关键授权边界绕过。解析后的“urlPath”通过Kyverno准入控制器ServiceAccount执行，且不强制请求仅限于策略命名空间。因此，任何有权限创建命名空间策略的认证用户都可以让 Kyverno 使用其准入控制器身份

Submit #742676 / VDB-344270

Submit #742671 / VDB-344269

Submit #742670 / VDB-344268

Submit #742666 / VDB-344267

Submit #742663 / VDB-344266

Submit #742662 / VDB-344265

The chatbot era has ended. For two years, we’ve interacted with digital assistants that summarize emails and suggest recipes, but the National Institute of Standards and Technology (NIST) now draws a definitive line between machines that talk and machines that act. Their newly released Request for Information (RFI) signals a fundamental paradigm shift in how..

The post Beyond the Chatbot: Why NIST is Rewriting the Rules for Autonomous AI appeared first on Security Boulevard.

对小米AX9000进行完整的漏洞复现，包括解压，如何反编译，如何仿真以及如何调试，还对漏洞调用链进行了详细的分析。

A sophisticated malware campaign has surfaced where threat actors are distributing the ValleyRAT backdoor disguised as a legitimate installer for the popular messaging application, LINE. This targeted attack primarily focuses on Chinese-speaking users, leveraging a deceptive executable to infiltrate systems and compromise sensitive login credentials. The malware employs a complex loading chain involving shellcode execution […]

The post ValleyRAT Mimic as LINE Installer Attacking Users to Steal Login Details appeared first on Cyber Security News.

Submit #742633 / VDB-344264

Hackers are abusing a legitimate but long-revoked EnCase kernel driver in an EDR killer that can detect 59 security tools in attempts to deactivate them. [...]

A vulnerability was found in Foxit Reader 12.1.3.15356 and classified as critical. This affects an unknown function of the component Javascript saveAs API. Executing a manipulation can lead to file inclusion. This vulnerability is handled as CVE-2023-39542. The attack can be executed remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability categorized as critical has been discovered in Foxit Reader 12.1.3.15356. Affected by this issue is some unknown functionality of the component Javascript exportDataObject API. Such manipulation leads to file inclusion. This vulnerability is referenced as CVE-2023-40194. It is possible to launch the attack remotely. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability was found in Foxit Reader 12.1.3.15356. It has been declared as critical. Affected is an unknown function of the component Javascript exportDataObject API. The manipulation results in file inclusion. This vulnerability was named CVE-2023-35985. The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability was found in Foxit Reader 12.1.3.15356. It has been classified as critical. This impacts an unknown function of the component 3D Annotation Handler. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2023-32616. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.

A vulnerability, which was classified as critical, has been found in Autodesk Design Review. The impacted element is an unknown function of the component PDF File Handler. This manipulation causes double free. This vulnerability is tracked as CVE-2021-27033. The attack is possible to be carried out remotely. No exploit exists. It is advisable to upgrade the affected component.