dify 安全漏洞

Dify is an open-source LLM application development platform developed by LangGenius. Versions of Dify prior to 1.13.1 contained a security vulnerability. This vulnerability stemmed from insufficient authorization checks in the DELETE /console/api/installed-apps//conversations/ method, which could...

Cloudflare Agents 安全漏洞

Cloudflare Agents is an open-source tool developed by Cloudflare for building and deploying AI agents on Cloudflare platforms. There is a security vulnerability in Cloudflare Agents, which stems from the improper escaping of the errordescription query parameter in the OAuth callback handler of th...

Conti Ransomware Group Diaries, Part III: Weaponry

Part I of this series examined newly-leaked internal chats from the Conti ransomware group, and how the crime gang dealt with its own internal breaches. Part II explored what its like to be an employee of Contis sprawling organization. Todays Part III looks at how Conti abused popular commercial...

QQ2011会话密钥泄露漏洞

腾讯QQ是在中国非常广泛使用的即时聊天工具。 Windows平台上QQ的客户端（包括QQ2010/2011等版本）在实现上存在安全漏洞，在生成会话密钥相关的临时密钥时使用了不安全的随机密钥生成算法，导致攻击者可以通过监听用户登录得到会话密钥，进而可以添加、修改、查看所有的聊天记录。 Tencent QQ 2011 Tencent QQ 2010 厂商补丁： Tencent ------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://im.qq.com/qq/dlqq.shtml...

Social engineering of the applications-helped MM get back stolen the QQ-vulnerability warning-the black bar safety net

Came home from work the Laundry..MM called and cried and said QQ stolen..to I must put the QQ stolen..you don't How for sure..just say I look at the..and then the Laundry went..then glanced at the..hacking person on the line..look at the so long social engineering of information..now also come in...