By | Bai Kaishui without sugar Produced by | OSC Open Source Community (ID: oschina2013) The online learning platform O’Reilly has recently released a report titled “Technology Trends for 2022.” This report is based on data generated from January to September 2021 on the platform and compares it with the same period in 2020; it … Read more
Focusing on source code security, gathering the latest information from home and abroad!Compiled by Qihoo 360 Code Guardian Team Guido Vranken, a researcher from ForAllSecure, discovered a Remote Code Execution (RCE) vulnerability (CVE-2020-7982) that has existed for 3 years in the Linux-based open-source operating system OpenWrt, and released technical details and a PoC. OpenWrt is … Read more
Click the blue text to follow us On January 18, 2024, the Baowangda Xingluo Cybersecurity Laboratory detected the denial of service vulnerability CVE-2023-6549 in NetScaler ADC & NetScaler Gateway. Vulnerability Overview NetScaler ADC and NetScaler Gateway are products of Citrix Systems, Inc. NetScaler Gateway is a secure remote access solution that provides application-level and data-level … Read more
Cybersecurity researchers have disclosed two security vulnerabilities in the Sudo command-line utility for Linux and Unix-like operating systems, which could allow local attackers to escalate their privileges to root access on vulnerable machines. The vulnerabilities are briefly described as follows: CVE-2025-32462 (CVSS Score: 2.8) – Sudo versions prior to 1.9.17p1, when used with a sudoers … Read more
05.19 Hack News Summary 01.New HTTPBot Botnet Launches Over 200 Targeted DDoS Attacks Against China’s Gaming and Technology Industries The Windows botnet HTTPBot, written in Golang, has been active since 2024, launching over 200 high-precision DDoS attacks targeting login/payment interfaces of Chinese gaming companies, technology enterprises, and educational platforms. Key technical features include: Stealth Persistence: … Read more
Introduction Recently, the National Internet Emergency Center (CNCERT) issued a risk warning regarding the BlackMoon variant of the HTTPBot botnet. The China Mobile Smart Home Operations Center promptly captured this significant security incident and collaborated with the Cybersecurity Center to initiate an emergency response. After investigating and analyzing the China Mobile network, it was determined … Read more
Part01 Chatbot “Xbow” Ranks First on HackerOne The performance of artificial intelligence (AI) has surpassed that of human red team members. On the HackerOne platform, an AI chatbot named “Xbow” currently ranks first in the reputation leaderboard of the US security industry. The platform connects businesses with ethical hackers through a bug bounty program, and … Read more
In the thriving era of smart manufacturing, industrial control systems serve as the “nervous center” of the manufacturing industry, and their importance is self-evident🧠. From automated equipment on production lines to energy management systems in factories, industrial control systems are ubiquitous, supporting the efficient operation of the entire production process🏭. However, with the deep integration … Read more
Hackers never sleep, so how can enterprises afford to let their defenses down? Attackers particularly favor launching attacks during non-working hours—when security personnel are fewer, significantly delaying incident response and resolution times. When retail giant Marks & Spencer faced a security incident over the Easter weekend, its e-commerce platform, which accounted for one-third of its … Read more
On June 20, 2025, the IoT College organized a group of 29 students who will participate in the network operation and maintenance of the venues for the 2025 Chengdu World Games to visit the China Cybersecurity Science and Technology Museum for a specialized study activity. This study activity focused on the theme of “Focusing on … Read more