5 векторов обхода трёхэшелонной защиты Qwen 3.5-Plus — без единого классического джейлбрейка. Ни DAN, ни «ignore previous instructions». Только контекстное фреймирование — и модель сама пишет ransomware, reverse shell и Security Advisory на собственные уязвимости. Разбор цепочки атак, почему Qwen3Guard, GSPO и RationaleRM оказались бесполезны, и что должна делать реальная защита. Читать далее
Two zero-day vulnerabilities per week from Microsoft, update for popular tools, stories about ransomware and blue team like red to fight with evil. Vulnerabilities: Microsoft patched zero-day which detected in the wil! Tools: Upd for one of the most famous red team tools News: Have you ever hear about vulnerability in malware? Research: Elastic team … Continue reading Two zero-day vulnerabilities per week, update for popular tools and stories about ransomware →
What could be more dangerous than a zero-day vulnerability that has been made public and has not yet been fixed? This is what google projecy zero did by publishing zero-day in windows before the patch. The attempts to exploit Oracle weblogic in the wild also started. But as statistics show, not everyone is in a … Continue reading Most critical vulnerabilities, next ransomware and PRE-ATT&CK → The post Most critical vulnerabilities, next ransomware and PRE-ATT&CK first appeared on Vulners…
Not much big news this week. Mainly ransomware attacks, which are actively expanding and the main vulnerabilities of the past week. Vulnerabilities: New PoC / Exploit for iis, car vulnerabilities and few zero-days for Android; Tools: Pentest tools; News: Ransomware activity, more info about February incident and FBI alert; Research: Have you ever try to … Continue reading More ransomware and more zero-days every week →