Aggregator

在某次攻防下遇到的edr环境,对其进行挖掘,发现可以滥用的程序

AI For Security：AI在云产品安全建设中能做什么？

Hackers are turning everyday software searches into a trap. A sophisticated cryptojacking campaign is actively targeting users who search for popular PC utilities online, luring them into downloading malware-laced files that secretly mine cryptocurrency using their own GPU. The attackers have built a network of more than 150 fake download sites that closely mimic trusted […]

The post Hackers Abuse Fake Utility Downloads to Install ScreenConnect and Mine Cryptocurrency appeared first on Cyber Security News.

在内网攻防对抗中，攻击者常利用 SMB、WinRM 等合法管理协议进行横向移动，并通过 SMB3 和 RDP 等协议的加密特性隐藏恶意行为，给应急响应与威胁溯源带来了巨大挑战。本文以2026软件系统安全赛中的典型内网横向移动流量分析赛题为分析对象，详细梳理了攻击链的完整还原过程。首先，从网络流量中提取 NetNTLMv2 响应并离线破解以获取明文凭据；随后，利用该凭据解密 WinRM 会话，识别并

AI洪流下的防守对抗新范式

面向大模型隐私推理的安全协议-MPC与ZK的角色分工

红队钓鱼-前期邮箱搜集、spf绕过、钓鱼环境搭建、钓鱼文件制作

本文简略的梳理了Windows DumpHash的流程，并通过系统白程序Reg.exe的拓展应用，巧妙的绕过了杀软的拦截点，实现了绕过EDR从而DumpHash的目的，同时根据实际测试，该方法针对Windows系列系统具有有效性，操作难度不大，具有实战价值。

“摘下你黯淡的衰亡，换一束爆燃的火花”

一文看透Java反序列化从PriorityQueue到TemplatesImpl的完整触发路径

php8 首个 bypass disable function漏洞，已武器化为蚁剑插件

前言：在平时测一些站点的时候，几乎都会有登录框或者一些权限存在区分的地方，在这些地方大部分又是使用shiro框架来负责权限操作的；网上的一些原理或者操作太过抽象和分散，于是这篇文章就是谈谈shiro框架的一些漏洞合集和简单分析。首先什么是shiro框架呢？Apache Shiro 是一个功能强大且易于使用的 Java 安全框架，用于处理身份验证、授权、加密和会话管理等核心安全性问题。Shiro 可

尝尝长城杯国赛决赛,还是挺有意思的.

文章首发于看雪论坛 [原创]trx ctf 2026 house of fishing 参考文献TRX CTF 2026 house-of-fishing Writeup · rawpayload前言看了一下 trxctf 2026 的堆题，这题看上去很简单，只需要一个任意地址写将 *admin 修改成目标的地址即可触发后门函数，从而getshell，但是程序没有 show() 功能，因此无法通过

主要是围绕RSA的coppersmith、动态题目、RSA变种展开

A threat actor using the alias azazeljakel (posting under the tag "CORTEX") claims to have compromised Localizacion Empresarial Telcel (LET), a business location and fleet-tracking platform operated under the Mexican telecom brand Telcel (let.telcel.com).

Hackers are using fake tax notification emails to trick Windows users into downloading dangerous multi-stage malware that runs entirely in memory, leaving almost no trace behind. The campaign, tracked as Operation TaxShadow, has been active since at least May 20, 2026, targeting individuals by impersonating official Indian government tax authorities. The emails are crafted to create […]

The post Hackers Use Tax Phishing Emails to Deploy In-Memory Malware on Windows Systems appeared first on Cyber Security News.

ServiceNow has confirmed a security vulnerability that could allow unauthorized actors to query customer instance tables, raising concerns about potential data exposure across enterprise environments. The issue, disclosed through threat intelligence channels, involves improper access controls that may enable attackers to execute queries against backend instance tables without proper authentication. ServiceNow, widely used for IT […]

The post ServiceNow Confirms Vulnerability Allowing Unauthorized Access to Customer Instance Tables appeared first on Cyber Security News.

Почему в последний момент алгоритм выбрал знакомое объяснение?

A malicious package targeting software developers has been discovered on npm, one of the most widely used package registries in the world. The package, named dbmux, was found to contain hidden malware capable of giving attackers complete control over any developer’s system that had it installed or running. The incident was disclosed on June 9, […]

The post Hackers Infect npm Package dbmux With Malware to Fully Compromise Developer Systems appeared first on Cyber Security News.