探索网络安全的无限可能

最新文章

漏洞分析 2026-04-16

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system. 文章来源: https://threatpost.com/0ktapus-victimize-130-firms/180487/

admin 6 0

漏洞分析 2026-04-16

Ransomware Attacks are on the Rise

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. 文章来源: https://threatpost.com/ransomware-attacks-are-on-the-rise/180481/

admin 6 0

漏洞分析 2026-04-16

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed. 文章来源: https://threatpost.com/cybercriminals-are-selling-access-to-chinese-...

admin 6 0

Web安全 2026-04-16

CVE-2026-33032: severe nginx-ui bug grants unauthenticated server access

An actively exploited critical nginx-ui flaw (CVE-2026-33032) lets attackers bypass authentication and take full control of Nginx servers. A critical vulnerability in nginx-ui, tracked as CVE-2026-330...

admin 6 0

Web安全 2026-04-16

U.S. CISA adds Microsoft SharePoint Server, and Microsoft Office Excel flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft SharePoint Server, and Microsoft Office Excel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity a...

admin 5 0

Web安全 2026-04-16

Mirax malware campaign hits 220K accounts, enables full remote control

Mirax, a new Android RAT, spread via Meta ads, infected 220,000 users and turns devices into SOCKS5 proxies, giving attackers full remote control. Mirax is a new Android remote access trojan spreading...

admin 6 0

Web安全 2026-04-16

PHP Composer flaws enable remote command execution via Perforce VCS

Two high-severity flaws in PHP Composer could let attackers run arbitrary commands via malicious repository configs and crafted inputs affecting Perforce VCS. Two high-severity vulnerabilities in PHP ...

admin 66 0

Web安全 2026-04-16

Microsoft Patch Tuesday for April 2026 fixed actively exploited SharePoint zero-day

Microsoft Patch Tuesday security updates for April 2026 fixed 165 vulnerabilities, including an actively exploited SharePoint zero-day. Microsoft Patch Tuesday security updates addressed 165 vulnerabi...

admin 19 0

云安全 2026-04-16

Incident response for AI: Same fire, different fuel

AI changes how incidents unfold and how we respond. Learn which IR practices still apply and where new telemetry, tools, and skills are needed. The post Incident response for AI: Same fire, different...

admin 6 0

云安全 2026-04-16

The agentic SOC—Rethinking SecOps for the next decade

In the SOC of the future, autonomous defense moves at machine speed, agents add context and coordination, and humans focus on judgment, risk, and outcomes. The post The agentic SOC—Rethinking SecOps ...

admin 6 0