我当黑客那几年(AiRedTeam) (Page 15)

JanelaRAT: a financial threat targeting users in Latin America

📡 Kaspersky Securelist · 2026-04-13 JanelaRAT: a financial threat targeting users in Latin America Background JanelaRAT is a malware family that takes its name from the Portuguese word “janela” which means “window”. JanelaRAT looks for financial and cryptocurrency data from specific banks and financial institutions in the Latin America region. JanelaRAT is

安全情报

The long road to your crypto: ClipBanker and its marathon infection chain

📡 Kaspersky Securelist · 2026-04-09 The long road to your crypto: ClipBanker and its marathon infection chain At the start of the year, a certain Trojan caught our eye due to its incredibly long infection chain. In most cases, it kicks off with a web search for “Proxifier”. Proxifiers are speciaized software

安全情报

A laughing RAT: CrystalX combines spyware, stealer, and prankware features

📡 Kaspersky Securelist · 2026-04-01 A laughing RAT: CrystalX combines spyware, stealer, and prankware features Introduction In March 2026, we discovered an active campaign promoting previously unknown malware in private Telegram chats. The Trojan was offered as a MaaS (malware‑as‑a‑service) with three subscription tiers. It caught our attention because

安全情报

An AI gateway designed to steal your data

📡 Kaspersky Securelist · 2026-03-26 An AI gateway designed to steal your data A significant proportion of cyberincidents are linked to supply chain attacks, and this proportion is constantly growing. Over the past year, we have seen a wide variety of methods used in such attacks, ranging from creation of malicious but

安全情报

Coruna: the framework used in Operation Triangulation

📡 Kaspersky Securelist · 2026-03-26 Coruna: the framework used in Operation Triangulation CVE-2023-32434CVE-2023-38606 Introduction On March 4, 2026, Google and iVerify published reports about a highly sophisticated exploit kit targeting Apple iPhone devices. According to Google, the exploit kit was first discovered in targeted attacks conducted by a customer of an unnamed

安全情报

Mitigating Fragmented SQL Injection Attacks: Effective Solutions

📡 Compass Security · 2025-02-12 Mitigating Fragmented SQL Injection Attacks: Effective Solutions This blog post breaks down Fragmented SQL Injection, a method hackers use to bypass authentication by manipulating two different input fields at the same time. Our security expert explains why single quotes matter in SQL injection attacks and how using

安全情报

Anti-DDoS Firm Heaped Attacks on Brazilian ISPs

📡 Security Affairs · 2026-04-30 Anti-DDoS Firm Heaped Attacks on Brazilian ISPs CVE-2023-1389 A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm’

安全情报

That AI Extension Helping You Write Emails? It’s Reading Them First

📡 Imperva Blog · 2026-04-30 That AI Extension Helping You Write Emails? It’s Reading Them First Executive Summary We found 18 AI browser extensions marketed as productivity tools that are not as they seem. This group includes extensions such as: * One that surveils your emails as you compose them * Another that

安全情报

CVE-2026-5063 (CVSS 7.2) - The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vuln

📡 NVD-Latest · 2026-05-03 CVE-2026-5063 (CVSS 7.2) - The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vuln CVE-2026-5063 CVE-2026-5063 CVSS:7.2 The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via POST parameter key names in the submit_nex_form(

安全情报

CVE-2026-7698 (CVSS 7.3) - A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.

📡 NVD-Latest · 2026-05-03 CVE-2026-7698 (CVSS 7.3) - A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7. CVE-2026-7698 CVE-2026-7698 CVSS:7.3 A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Affected by this vulnerability is an unknown functionality of the file /Easy7/rest/systemInfo/

安全情报

CVE-2026-42364 (CVSS 9.9) - An os command injection vulnerability exists in the DdnsSetting.cgi functionalit

📡 NVD-Latest · 2026-05-04 CVE-2026-42364 (CVSS 9.9) - An os command injection vulnerability exists in the DdnsSetting.cgi functionalit CVE-2026-42364 CVE-2026-42364 CVSS:9.9 An os command injection vulnerability exists in the DdnsSetting.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted DDNS configuration can lead to arbitrary command

安全情报

Silver Fox uses the new ABCDoor backdoor to target organizations in Russia and India

📡 Ars Technica Security · 2026-04-30 Silver Fox uses the new ABCDoor backdoor to target organizations in Russia and India In December 2025, we detected a wave of malicious emails designed to look like official correspondence from the Indian tax service. A few weeks later, in January 2026, a similar campaign began

安全情报

CVE-2026-42370 (CVSS 9.0) - A stack overflow vulnerability exists in the WebCam Server Login functionality o

📡 NVD-Latest · 2026-05-04 CVE-2026-42370 (CVSS 9.0) - A stack overflow vulnerability exists in the WebCam Server Login functionality o CVE-2026-42370 CVE-2026-42370 CVSS:9.0 A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to

漏洞分析

[local] Linux Kernel proc_readdir_de() 6.18-rc5 - Local Privilege Escalation

CVE-2025-40271CVE-2023-3269CVE-2023-32233 Linux内核proc文件系统remove_proc_entry()未清除红黑树节点导致UAF权限提升 High · CVSS 7.8 📋 漏洞基础信息 CVECVE-2025-40271CVE-2023-3269CVE-2023-32233漏洞类型释放后使用（Use-After-Free）受影响版本Linux kernel ~3.14+ 至 6.18-rc5 (含5.10.247之前、6.1.159之前、6.12.73之前及6.18-rc5)危害等级High · CVSS 7.8发布日期2026-05-04来源Exploit-DB 原文 ↗ 🔬 漏洞根因 proc文件系统的remove_proc_entry()函数调用rb_erase()从父节点的红黑树中移除proc_dir_entry（pde），但未调用RB_CLEAR_NODE()将节点标记为已分离，导致已释放的节点中残留红黑树链接，RB_

漏洞分析

[local] Linux nf_tables 6.19.3 - Local Privilege Escalation

CVE-2026-23231CVE-2024-1086CVE-2023-32233 Linux内核nf_tables因缺少synchronize_rcu导致本地提权漏洞 HIGH · CVSS 7.8 📋 漏洞基础信息 CVECVE-2026-23231CVE-2024-1086CVE-2023-32233漏洞类型Use-After-Free (UAF) 本地权限提升受影响版本Linux Kernel 3.16 - 6.19.3危害等级HIGH · CVSS 7.8发布日期2026-05-04来源Exploit-DB 原文 ↗ 🔬 漏洞根因在nf_tables_addchain()函数中，创建新链后通过list_add_tail_rcu()将其发布到表链列表，但在调用nf_tables_register_hook()注册hook之前。如果hook注册失败（例如因OOM），错误路径调用nft_chain_del()（list_del_rcu）后立即调用nf_tables_chain_destroy(

漏洞分析

[hardware] Linksys E1200 2.0.04 - Authenticated Stack Buffer Overflow (RCE)

CVE-2025-60690 Linksys E1200路由器apply.cgi存在认证后的栈缓冲区溢出，可导致远程代码执行。 High · CVSS 8.8 📋 漏洞基础信息 CVECVE-2025-60690漏洞类型栈缓冲区溢出（Authenticated Stack Buffer Overflow）受影响版本Linksys E1200 固件版本 <= v2.0.04危害等级High · CVSS 8.8发布日期2026-05-04提交者JarrettgxzSec来源Exploit-DB 原文 ↗ 🔬 漏洞根因在/apply.cgi处理HTTP POST请求时，对'lan_ipaddr_3'参数的值未进行长度校验，直接将用户输入拷贝到栈缓冲区，导致溢出覆盖返回地址。 🎯 攻击场景 1. 攻击者需拥有路由器管理凭据（默认admin:admin）； 2. 通过HTTP POST请求向/apply.cgi发送精心构造的payload，

漏洞分析

[webapps] MindsDB 25.9.1.1 - Path Traversal

CVE-2026-27483 MindsDB API文件上传路径遍历导致远程代码执行 Critical · CVSS 估计9.8 📋 漏洞基础信息 CVECVE-2026-27483漏洞类型路径遍历RCE受影响版本MindsDB < 25.9.1.1危害等级Critical · CVSS 估计9.8发布日期2026-05-04提交者Lohitya Pushkar (thewhiteh4t)来源Exploit-DB 原文 ↗ 🔬 漏洞根因 /api/files/{fname}端点未对上传文件路径进行有效限制，导致攻击者可通过路径遍历字符串（如../../../../../../venv/lib/python3.10/site-packages/pip/__init__.py）覆盖任意文件，结合后续handler安装触发恶意代码执行。 🎯 攻击场景 1. 检查目标MindsDB版本和认证状态；2. 若认证启用则先通过/api/login获取Bearer token；3. 构造一个Python反弹shell载荷（文件名随机）；4.

安全情报

Essential Data Sources for Detection Beyond the Endpoint

📡 Tenable Blog · 2026-05-01 Essential Data Sources for Detection Beyond the Endpoint The 2026 Unit 42 Global Incident Response Report delivers a sharp wake-up call: Threat actors are now moving 4x faster to exfiltration than in 2025. By striking across three or more surfaces simultaneously, adversaries are intentionally exploiting the blind

安全情报

CVE-2026-7784 (CVSS 7.3) - A vulnerability has been found in RTGS2017 NagaAgent up to 5.1.0. This issue aff

📡 NVD-Latest · 2026-05-05 CVE-2026-7784 (CVSS 7.3) - A vulnerability has been found in RTGS2017 NagaAgent up to 5.1.0. This issue aff CVE-2026-7784 CVE-2026-7784 CVSS:7.3 A vulnerability has been found in RTGS2017 NagaAgent up to 5.1.0. This issue affects some unknown processing of the file

安全情报

CVE-2026-44028 (CVSS 7.5) - An issue was discovered in Nix before 2.34.7 and Lix before 2.95.2. Unbounded re

📡 NVD-Latest · 2026-05-05 CVE-2026-44028 (CVSS 7.5) - An issue was discovered in Nix before 2.34.7 and Lix before 2.95.2. Unbounded re CVE-2026-44028 CVE-2026-44028 CVSS:7.5 An issue was discovered in Nix before 2.34.7 and Lix before 2.95.2. Unbounded recursion in the

安全情报

CVE-2026-43527 (CVSS 7.7) - OpenClaw before 2026.4.14 contains a server-side request forgery vulnerability i

📡 NVD-Latest · 2026-05-05 CVE-2026-43527 (CVSS 7.7) - OpenClaw before 2026.4.14 contains a server-side request forgery vulnerability i CVE-2026-43527 CVE-2026-43527 CVSS:7.7 OpenClaw before 2026.4.14 contains a server-side request forgery vulnerability in browser SSRF policy that allows private-network navigation by default. Attackers can exploit this misconfiguration

安全情报

CVE-2026-43530 (CVSS 8.8) - OpenClaw versions 2026.2.23 before 2026.4.12 contain a weakened exec approval bi

📡 NVD-Latest · 2026-05-05 CVE-2026-43530 (CVSS 8.8) - OpenClaw versions 2026.2.23 before 2026.4.12 contain a weakened exec approval bi CVE-2026-43530 CVE-2026-43530 CVSS:8.8 OpenClaw versions 2026.2.23 before 2026.4.12 contain a weakened exec approval binding vulnerability in busybox and toybox applet execution that

安全情报

CVE-2026-7833 (CVSS 7.2) - A weakness has been identified in EFM ipTIME C200 up to 1.092. This vulnerabilit

📡 NVD-Latest · 2026-05-05 CVE-2026-7833 (CVSS 7.2) - A weakness has been identified in EFM ipTIME C200 up to 1.092. This vulnerabilit CVE-2026-7833 CVE-2026-7833 CVSS:7.2 A weakness has been identified in EFM ipTIME C200 up to 1.092. This vulnerability affects the function sub_408F90 of the file

安全情报

GHSA-3h96-34p3-xm76 - GraphQL-Ruby's Ruby lexer does not count comment tokens for the purposes of max_

📡 GitHub-Advisory · 2026-05-05 GHSA-3h96-34p3-xm76 - GraphQL-Ruby's Ruby lexer does not count comment tokens for the purposes of max_ GHSA-3h96-34p3-xm76 MEDIUM rubygems/graphql CVE: GraphQL-Ruby's max_query_string_tokens configuration didn't count comment tokens against the limit, allowing strings to be processed even after the configured

安全情报

CVE-2026-32688 - Plug.Cowboy vulnerable to unauthenticated remote DoS via HTTP/2 `:scheme` atom-t

📡 GitHub-Advisory · 2026-05-05 CVE-2026-32688 - Plug.Cowboy vulnerable to unauthenticated remote DoS via HTTP/2 `:scheme` atom-t CVE-2026-32688 GHSA-q8x4-x7mp-5vg2 HIGH erlang/plug_cowboy CVE: CVE-2026-32688 Summary An unauthenticated remote denial-of-service vulnerability in Plug.Cowboy.Conn allows any attacker who can reach an HTTPS Plug.Cowboy listener via HTTP/2 to permanently