Security News
全球顶尖安全社区实时聚合,追踪最新漏洞、攻防技术与行业动态。
来源:先知社区 · Seebug · The Hacker News 等权威平台 | 每日自动更新
基于 PIC Shellcode 的白程序 Patch 免杀技术实现
免杀:Patch白程序
BroncoCTF PWN WP
BroncoCTF所有pwn题的wp
JDK 21 虚拟线程模型下 Web 应用会话上下文串扰漏洞的挖掘与利用
本文揭示 JDK 21 虚拟线程(JEP 444)引入的一类隐蔽会话越权漏洞。JDK 21 的虚拟线程默认名称为空字符串,当业务代码在未显式命名的虚拟线程中读写以线程名为键的隔离表(多租户上下文、APM 链路追踪、自定义 MDC)时,所有虚拟线程会退化为共享同一条目,导致并发请求间发生身份串扰。
Junior Crypt 2026 CTF Pwn 方向 WriteUp
Junior Crypt 2026 CTF所有pwn题的wp
CVE-2026-34973 phpMyFAQ LIKE 通配符注入漏洞分析与复现
phpMyFAQ 是一个基于 PHP 的开源 FAQ(常见问题解答)系统,其公开搜索功能在检索自定义页面时,使用 mysqli::real_escape_string() 对用户输入做转义后直接拼入 LIKE 子句。这里有一个容易被忽视的安全盲区——real_escape_string() 的设计目 ...
利用 x86-64 单字节指令重叠构造双重执行流与绕过分析
x86-64 采用变长指令编码,单条指令长度 1-15 字节。同一段字节序列从不同偏移开始解码,指令边界会发生漂移,同一段内存可以被解析为两组完全不同的指令。 7 字节即可构造出两条执行流:返回值不同、栈效果不同、指令序列不同,但占用完全相同的内存区域。
【AI赋能安全】面向渗透 Agent 的任务失效化蜜罐探索
任务失效化蜜罐的价值不是追求一次性欺骗,而是让 Agent 的任务闭环在受控环境中持续偏航、消耗并最终失去有效方向。
ELF 构造器改写进程环境导致 getenv 与/proc 视图分裂分析
构造器在 main 之前改写环境后,进程内的配置读取、预加载痕迹和入口参数判断可能出现分裂;这对排查初始化顺序、审计 LD_PRELOAD 和定位环境变量污染问题尤其关键。
Weak Security Continues to Fuel Russian Cyberattacks
In a first, the UK and the EU jointly impose sanctions on Russian individuals and entities for cyberattacks and disinformation campaigns in the region ...
'Yellow Teams' Are Defining the Future of AI Security
In some companies, engineers are building defense and attack tools to test the potential of artificial intelligence for cybersecurity — and its threat ...
CrashStealer macOS Malware Uses Notarized Dropper to Pass Gatekeeper Checks
Cybersecurity researchers have flagged a new macOS information stealer called CrashStealer that's capable of harvesting sensitive data from compromise ...
Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found
Google and Microsoft have pulled ModHeader, a popular header-editing extension with roughly 1.6 million installs across Chrome and Edge, after researc ...
GigaWiper Lets Threat Actors Choose Their Own Destructive Attack
A modular implant borrows from various malware families to combine both backdoor and wiper activities to maximize impact and minimize operational outp ...
⚡ Weekly Recap: ShareFile Threat, Citrix Bleed 2 Ransomware, AI Coding Attacks, and More
Somewhere right now, a security tool is quietly finding bugs faster than any human can fix them. That's supposed to be the good news. The catch is tha ...
Lessons Learned from CISA’s Recent GitHub Leak
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a postmortem on a data leak in which a contractor published dozens of internal ...
New MemGhost Attack Plants Persistent False Memories in AI Agents Through One Email
Give an AI assistant a memory and access to your inbox, and you hand an attacker a way to rewrite what it thinks it knows about you. A single email ca ...
Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft
A new phishing-as-a-service (PhaaS) operation called Forg365 is using a combination of device code phishing, adversary-in-the-middle (AitM) tactics, a ...
Turning the Tables on Email Scammers With 'ScamBuster'
An open source, AI-driven system adopts victim personas to engage with phishing attackers, allowing organizations and law enforcement to gather releva ...
Meta Files Patent for AI That Can Listen All Day and Track How You're Feeling
Meta has filed a patent application for an AI that listens to your voice throughout the day, works out how it thinks you are feeling from the way you ...
Thinking Fast and Slow in the SOC: The Case for Combining Autonomous AI with Analyst Copilots
A few days ago, I was sitting with the CISO of a Fortune 50 company, walking through how his security team was thinking about AI agents in the SOC. Sm ...
Attacker Uses Suspected AI-Generated PowerShell Script to Map Active Directory
Cybersecurity researchers have flagged an intrusion in which an unknown threat actor leveraged a vibe-coded PowerShell script for Active Directory (AD ...
AI Data Centers and the Concentration of Wealth
This essay was written with Nathan E. Sanders, and originally appeared in The Guardian. Opposition to AI data centers has emerged as a primary theme i ...
深度神经网络中统计上不可检测的后门
作者:Andrej Bogdanov,Alon Rosen,Neekon Vafa 原文链接:https://arxiv.org/pdf/2607.09532v1 摘要 我们展示了对抗性模型训练者如何在一大类深度前馈神经网络中植入后门。这些后门在白盒设置下是统计上不可检测的,这意味着即使给定模型的完 ...
Friday Squid Blogging: “Squidbleed” Vulnerability
In a rare combined cybersecurity/squid post, a twenty-nine-year-old squid proxy bug can leak HTTP requests. As usual, you can also use this squid post ...
Jen Ellis: Connecting Cyber Community With Political Machinery
Security Pro File: On the heels of her recent honors as a Member of the Order of the British Empire (MBE), we take a look back at the events that shap ...
Cybercriminals Flock to Healthcare Businesses as Attacks Surge
While cyberattacks against hospitals and clinics grew modestly in the first half of 2026, attacks on service providers and other healthcare businesses ...
Fresh ATM Crypto Software Bugs: Jackpot or Bust?
Organizations, and possibly ATMs, are at risk of compromise, thanks to holes in a Microsoft BitLocker security wrapper.
More Countries Jump on the Social Media 'Ban Wagon'
Age restrictions on accounts may be more of a stopgap because industry compliance is already falling short. Tech giants are struggling to follow the l ...
AI Surveillance and Social Progress
In the near future, AI-powered surveillance systems will be able to track everything we do in public, and much of what we do in private. And if we do ...
认知防火墙:一种面向LLM安全的主动式、零信任、多门控框架
作者: Michele Guida, Ruslan Shikhhamzayev, Sindhuja Penchala, Stefano Iannucci, Jiacheng Li, Shahram Rahimi, Noorbakhsh Amiri Golilarz 原文链接:https://arxi ...
The Language of AI Could Change How Humans Speak
Because of the way they are trained, large language models capture only a slice of human language. They're trained on the written word, from textbooks ...
Weekly Update 511: Live from my Riad in Marrakech
How's this for a location?! I mean, last week was nice with Scott in Mallorca, but Marrakech is, well, wow 😮 Anyway, about those data bre ...
Felons, Fraudsters Flog Offensive Cybersecurity Startup
A cybersecurity startup dangling millions of dollars to acquire zero-day security vulnerabilities in popular software is run by a pair of far-right co ...
Cybersecurity and the Gap Between Skill and Ability
Last week, national security agencies from the Five Eyes—that's the rich, English-language-speaking countries club—jointly released a statement warnin ...
超越提示词:通过模拟审核痕迹越狱函数调用型LLM
作者:Junlong Liu, Haobo Wang, Weiqi Luo, Xiaojun Jia 原文链接:https://arxiv.org/pdf/2607.00481v1 摘要 越狱攻击仍然是对大型语言模型(LLM)安全部署的关键威胁。虽然先前的工作主要研究提示词层面的攻击和防御,但我们表 ...
Google Is Suing Chinese Scammers Who Are Using Gemini
Not sure this will have any effect, but I support the effort: According to Google's legal filing, Outsider Enterprise operates through Telegram. The g ...
拒绝背后:通过行为监控确定护栏激活
作者:William Hackett, Peter Garraghan 原文链接:https://arxiv.org/pdf/2607.02121v1 摘要 随着大型语言模型(LLM)和智能体系统融入实际应用,确保其安全性和保障性变得至关重要。用于检测并拦截发送至LLM及从LLM发出的恶意指令的护栏 ...
France to Stop Certifying Non-Quantum-Safe Encryption
France is accelerating its transition to post-quantum encryption: France's cybersecurity agency ANSSI said on Tuesday it would stop certifying securit ...
Flock Cameras Can Surveil Cars Without License Plates
This is from a 2024 company presentation: Officers can also tap into data showing a car's decals, bumper stickers, back and top racks—along with tempo ...
Swimming Pools, Pee, and Trying to Delete Your Data From the Internet
I can't recall if someone else originally came up with this saying or if I said it in some off-the-cuff comment and it just propagated, but since ...
FBI Seizes NetNut Proxy Platform, Popa Botnet
The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a sprawling ...
Hephaestus:迈向网络安全AI科学家
作者:Jiaqi Li, Yang Zhao, Wen Lu, Lvyang Zhang, and Lidong Zhai 原文链接:https://arxiv.org/pdf/2606.29981v1 摘要 网络攻击正在以机器速度推进;但网络安全研究本身却并非如此。现有的AI科学家系统使得端到端的 ...
Weekly Update 510: Live From Mallorca with Scott Helme
How's the view?! Back to business, it's now 8 years ago that Scott and I thought it would be a cool idea to build Why no HTTPS? We used the ...
从效率到泄露——联邦语言模型微调中的隐私后门
作者:Shanghao Shi, Chaoyu Zhang, Heng Jin, Yang Xiao, Yevgeniy Vorobeychik, William Yeoh, Ning Zhang, Y. Thomas Hou, Wenjing Lou 原文链接:https://arxiv.org/ ...
NRT-Bench:面向安全关键控制室中 LLM 智能体的多轮红队测试基准
作者:Hanwool Lee, Dasol Choi, Bokyeong Kim等 原文链接:https://arxiv.org/pdf/2606.20408 摘要 大型语言模型(LLM)智能体越来越多地被提议作为安全关键系统的监督组件,但它们在持续、自适应对抗压力下的鲁棒性仍然缺乏充分表征。本文提 ...
Weekly Update 509
I know enough about home cinema audiovisual to know there's a lot I don't know. It's conscious incompetence, if you like, which is diff ...
Scattered Spider Hackers Plead Guilty on Day 1 of Trial
Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London ...
‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm
For the past four years, a sprawling Android-based botnet called Popa has forced millions of consumer TV boxes to relay Internet traffic linked to adv ...
面向多种防御策略的自动化越狱攻击
作者:Qi Wang, Chengcheng Wan等 原文链接:https://arxiv.org/pdf/2606.16751 摘要 大型语言模型(LLM)在广泛的任务中展现出了卓越的能力。然而,由于其易受对抗性提示攻击的影响,其安全性仍然是一个关键问题。在本文中,我们提出了UniAttack, ...
Weekly Update 508
Light switches. How on earth is it so hard to find decent light switches?! It sounds ridiculous until you actually spend enough time looking for ones ...
Who Runs the Ransomware Group ‘The Gentlemen?’
A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of ...
Weekly Update 507
1,000 breaches is one hell of a milestone. It's not just the process of getting data, verifying it, loading it, sending notifications etc, it&apo ...
A Record-Breaking Patch Tuesday for June 2026
Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record numb ...
Welcoming the Philippine Government to Have I Been Pwned
Today, we welcome the 46th government onboarded to Have I Been Pwned’s free gov service: the Philippines.The Philippines’ National CERT, ...
Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts
The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images an ...
1,000 Data Breaches Later, the Disclosure Lag is Worse Than Ever
Today, I loaded the 1,000th data breach into Have I Been Pwned. Reflecting on that milestone number, I pondered how to mark the occasion in writing, a ...
幽灵依赖:Agentic Coding 范式下的新型供应链安全威胁
Author: Tianchu Chen of Tencent Xuanwu Lab 0x00 简介随着 LLM(大语言模型)能力的跃升,AI 软件开发模式正从“人写代码,AI 补全”的 Copilot 模式,向“AI 主导决策,自动执行”的 Agentic Coding 模式演进。在 Agenti ...
AI网络爬虫安全白皮书
Author: Guancheng Li and Zheng Wang of Tencent Xuanwu Lab 本文是腾讯玄武实验室发布的《AI网络爬虫安全白皮书》。我们系统分析了 AI 时代服务端浏览器 / 爬虫在真实业务中的典型使用方式,以及由此带来的新的攻击面与风险。 在这篇白皮书中,我们 ...
ComfyUI-Manager 远程代码执行风险通告
近期腾讯玄武实验室发现可视化 AI 工作流工具 ComfyUI 的官方扩展组件 ComfyUI-Manager 中存在一个高危漏洞(CVE-2025-67303)。利用该漏洞可在无需任何账号的情况下远程入侵安装 ComfyUI 的系统。玄武实验室在发现漏洞后向 ComfyUI 官方进行了报告,目前该 ...
量子计算机距离攻破 RSA-2048 还有多远
Author: Guancheng Li of Tencent Xuanwu Lab 在当今数字世界中,RSA‑2048 与 ECC 等经典公钥密码是最广泛应用的加密标准,支撑着网络安全、金融交易和隐私保护的底层信任。然而,这一基石正面临量子计算的潜在威胁。理论上,量子计算机能够以远快于经典计算机的 ...