首页 - HackerHub

云安全 2026-04-16

Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees

Microsoft Incident Response – Detection and Response Team (DART) researchers observed an emerging, financially motivated threat actor, tracked as Storm-2755, compromising Canadian employee accounts to...

云安全 2026-04-16

Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk

A severe Android intent‑redirection vulnerability in a widely deployed SDK exposed sensitive user data across millions of apps. Microsoft researchers detail how the flaw works, why it matters, and how...

云安全 2026-04-16

SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks

Executive summary Forest Blizzard, a threat actor linked to the Russian military, has been compromising insecure home and small-office internet equipment like routers, then modifying their settings in...

漏洞分析 2026-04-16

NSFOCUS Received International Recognition among Representative Vendors of OT Security with Geographic Focus in Asia Pacific

SANTA CLARA, Calif., Apr 15, 2026 – Recently, Forrester, an international authoritative research firm, officially released The Operational Technology Security Solutions Landscape, Q1 2026[1]. NSFOCUS ...

漏洞分析 2026-04-16

NSFOCUS Threat Intelligence Interviewed in The Top Trends Shaping Threat Intelligence in Asia Pacific Report by International Authority

SANTA CLARA, Calif., Apr 14, 2026 – Forrester, an international authoritative consulting firm, released “The Top Trends Shaping Threat Intelligence in Asia Pacific”. With its deep technical accumulati...

漏洞分析 2026-04-16

NSFOCUS Monthly APT Insights – February 2026

Regional APT Threat Situation In February 2026, the global threat hunting system of FUYING Lab detected a total of 21 APT attack activities. These activities were primarily concentrated in regions inc...

漏洞分析 2026-04-16

NSFOCUS Monthly APT Insights – January 2026

Regional APT Threat Situation In January 2026, the global threat hunting system of Fuying Lab detected a total of 26 APT attack activities. These activities were primarily concentrated in regions incl...

漏洞分析 2026-04-16

Axios Front-End Library npm Supply Chain Poisoning Alert

Overview On March 31, NSFOCUS CERT detected that the npm repository of the HTTP client library Axios was poisoned by the supply chain. The attacker bypassed the normal GitHub Actions CI/CD pipeline of...

漏洞分析 2026-04-16

公安部通报37款违规应用，电商类占比超七成，小程序不再是 “法外之地”

依据《网络安全法》《个人信息保护法》等法律法规，经公安部计算机信息系统安全产品质量监督检验中心检测，37款移动应用存在违法违规收集使用个人信息情况，具体通报如下：【1、未公开收集使用规则。涉及21款移动应用如下：】《奇峰商城》（支付宝小程序）、《聚优商城》（微信小程序）、《亿秀分期商城》（支付宝小程序）、《鲜范商城》（微信小程序）、《京机数码手机商城》（支付宝小程序）、《创维官方商城》（支...

漏洞分析 2026-04-16

Progress ShareFile曝新漏洞可组合实现未认证远程代码执行

最新发现，企业级安全文件传输解决方案 Progress ShareFile 存在两处漏洞，攻击者可将其组合利用，在无需身份认证的情况下从受影响环境中窃取文件。Progress ShareFile 是一款文档共享与协作产品，广泛应用于大中型企业。此类文件传输平台历来是勒索软件团伙的重点攻击目标，此前 Clop 勒索组织就曾利用 Accellion FTA、SolarWinds Serv-U、Gl...

探索网络安全的无限可能

最新文章

Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees

Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk

SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks

NSFOCUS Received International Recognition among Representative Vendors of OT Security with Geographic Focus in Asia Pacific

NSFOCUS Threat Intelligence Interviewed in The Top Trends Shaping Threat Intelligence in Asia Pacific Report by International Authority

NSFOCUS Monthly APT Insights – February 2026

NSFOCUS Monthly APT Insights – January 2026

Axios Front-End Library npm Supply Chain Poisoning Alert

公安部通报37款违规应用，电商类占比超七成，小程序不再是 “法外之地”

Progress ShareFile曝新漏洞可组合实现未认证远程代码执行