今日已更新 328 条资讯 | 累计 20300 条内容
关于我们

标签:#Security

找到 665 篇相关文章

AI 资讯

I Built a Freelance Alternative Where Anyone Can Claim Your Bounty

How I Built a Real-Time Bounty Marketplace with Supabase and 14-Layer Edge Security I wanted to build a platform where anyone can post a task (a "bounty"), set a reward, and have people complete it with verifiable proof. Think freelance work, but optimized for quick, composable task completion — with proof submission as the core trust mechanism. The result is BountyClaimer — a real-time marketplace running on Supabase + Vercel with a security system baked into Edge middleware and scattered across every layer of the stack. 🛠️ The Tech Stack Frontend: React + Vite + TypeScript Backend: Supabase (PostgreSQL, Realtime, Storage, Auth) Payments: Stripe Hosting: Vercel (Edge Middleware) Security: Custom "Armadillo" system (14 layers) Architecture Pattern: Phoenix Architecture for real-time state consistency 🔄 The Core Workflow Post — A user posts a bounty with a reward and description Claim — Others browse and claim available bounties Submit — The claimer completes the work and submits proof (images, video, audio, text, files) Settle — The bounty owner reviews and approves — funds are released Sync — Real-time updates keep both sides in sync instantly The hardest parts were real-time state sync across multiple users , anti-abuse without hurting legitimate users , and security at the edge . 🏛️ The Phoenix Architecture One pattern I'm particularly proud of is what I call the Phoenix Architecture — a real-time state management approach that ensures every client sees the same truth without polling. The core idea: instead of each client fetching data and hoping it's current, database changes (bounty status updates, proof submissions, claim state transitions) are broadcast out via Supabase Realtime. Every connected client receives the same event stream and updates locally. // The Phoenix pattern — subscribe to changes once, // update locally from the event stream const channel = supabase . channel ( `entity- ${ id } ` ) . on ( ' postgres_changes ' , { event : ' * ' , schema : '

2026-06-21 原文 →
开发者

Remote File Inclusion: How a Single URL Parameter Can Give Attackers Full Control of Your Server

Remote File Inclusion (RFI) is a web vulnerability where an application accepts a URL from user input, fetches the file at that URL, and executes it. When there is no validation on what URLs are allowed, an attacker can point the application to a malicious script on their own server and get it executed remotely. This pattern shows up in automation tools, plugin systems, and CI/CD pipelines. The idea of loading scripts from a URL seems useful, but without strict controls, it becomes a direct path to remote code execution. Here is a simplified example of vulnerable server-side code: // Vulnerable automation runner - DO NOT USE IN PRODUCTION const express = require ( ' express ' ); const http = require ( ' http ' ); const https = require ( ' https ' ); const app = express (); app . get ( ' /api/automation/run ' , ( req , res ) => { const scriptUrl = req . query . scriptUrl ; const startTime = Date . now (); const parsedUrl = new URL ( scriptUrl ); const client = parsedUrl . protocol === ' https: ' ? https : http ; client . get ( scriptUrl , ( response ) => { let data = '' ; response . on ( ' data ' , ( chunk ) => { data += chunk ; }); response . on ( ' end ' , () => { // VULNERABLE: executes fetched script without sandboxing or validation const output = eval ( data ); const executionTime = Date . now () - startTime ; res . json ({ status : ' success ' , output : output , executionTimeMs : executionTime }); }); }); }); app . listen ( 8080 , () => { console . log ( ' Server running on port 8080 ' ); }); The core problem with the code above: It accepts any URL from user input without validation It fetches and runs that URL's content using eval() There is no sandboxing or restriction on what the script can do The code runs with the same privileges as the application itself Ethical Considerations This is for educational purposes only. You should only test for RFI on systems you own or have explicit permission to test. Unauthorized testing is illegal and can lead to serious

2026-06-20 原文 →
AI 资讯

Stop Competitors from Scraping Your Data! Building a Backend Defense for Your E-commerce Store

In the world of cross-border e-commerce, malicious bot scraping leading to Meta/Google Pixel pollution is a nightmare for every seller. When your store starts gaining traction, these fake traffic sources can "poison" your ad model, causing your ROAS to plummet. To combat this, I’ve developed a robust "Backend Data Isolation" architecture. The Core Defense Strategy Stop triggering ad conversion events directly from the frontend. Instead, build a "firewall" at the backend to ensure that only verified, high-quality conversion data is sent to your ad platforms. Technical Implementation By implementing server-side logic in Python, we can filter out bot requests effectively: def process_pixel_event ( request ): # Filter out bot signatures (User-Agent, IP analysis) if is_bot_signature ( request . headers [ ' User-Agent ' ]): return None # Send only high-quality data to ad platforms if is_real_customer ( request . session ): trigger_pixel_event ( request ) By leveraging this logic, we feed "private, high-quality data" to the AI. This allows the algorithm to learn only from genuine customer behaviors, creating an "immortal pixel" moat around your store. Learn More For a deep dive into full-scale anti-scraping deployments and how to leverage automated translation techniques to scale traffic in blue-ocean markets, check out my full technical guide: 👉 Read the Full Implementation & Troubleshooting Guide Here

2026-06-20 原文 →
AI 资讯

AWS Adds Multi-Region Replication to Amazon Cognito Identity Service

AWS recently introduced Amazon Cognito multi-region replication, which automatically replicates user identities and user pool configurations from a primary region to a secondary one. This enables applications to continue authenticating users from a replica region during outages, without requiring custom replication and failover mechanisms. By Renato Losio

2026-06-20 原文 →
AI 资讯

Passkeys in 2026: A Practical Engineering Guide to Passwordless Auth

Authentication is broken at its foundation - not just inconvenient. Passwords are shared secrets: hand one to a server, and you have instantly doubled your attack surface. With over 5 billion passkeys now active globally and Google reporting a 99.9% lower account compromise rate compared to passwords, the industry has already moved. This guide covers how passkeys work cryptographically, how to implement them in TypeScript, and the pitfalls to avoid before going to production. Why Passwords Are Structurally Broken The core issue isn't that users pick weak passwords - it's that passwords require a shared secret stored on both sides. The Verizon 2025 DBIR found that 22% of all breaches started with stolen credentials, and 88% of web app attacks relied on them. In 2024, infostealer malware alone harvested 548 million passwords. Adding 2FA helps but doesn't fix the root problem: SMS codes are SIM-swap targets, and TOTP tokens can be phished in real time by proxy attackers who replay codes within their validity window. What Passkeys Actually Are A passkey is a credential built on public-key cryptography, standardized through the WebAuthn spec and FIDO2. When you register, your device generates a public-private key pair - the private key stays locked in hardware (Secure Enclave, StrongBox, or a hardware key), and the server only receives the public key. At login, the server sends a random challenge, your device signs it with the private key after biometric or PIN verification, and the server verifies the signature. No secret is ever transmitted. This eliminates credential stuffing, server-side breach exposure, and phishing - because passkeys are cryptographically bound to a specific origin domain. The Cryptography Worth Understanding The standard algorithm is ES256 - ECDSA with the P-256 curve and SHA-256. Each credential is tied to a specific relying party ID (your app's domain). A passkey created for yourapp.com cannot be used on yourapp-phishing.com because the origin i

2026-06-20 原文 →
AI 资讯

Section 1.1 — Comparing AI Types and Techniques Used in Cybersecurity

Hi, it's Furkan. I'm a security professional prepping for the CompTIA SecAI+ (CY0-001) cert, and I couldn't find study material that actually clicked for me, so I built my own and structured it around the exam blueprint. This is me sharing it back. Each post maps to one objective, and I've leaned hard on real-world scenarios because that's what made it stick for me. If it helps you pass too, even better. CompTIA SecAI+ CY0-001 | Domain 1.0: Basic AI Concepts Related to Cybersecurity "Compare and contrast various AI types and techniques used in cybersecurity." 🧠 What's in This Section? This one breaks down into three big building blocks: AI Types — which kind of AI does what, and where it shows up in security Model Training Techniques — how a model actually gets trained and tuned Prompt Engineering — how to ask an AI the right question Ready? Let's get into it. 🔷 PART 1: Types of AI AI isn't one single thing. Different problems call for different AI approaches. Think of a carpenter's toolbox: there's a hammer, a screwdriver, a saw. They all do different jobs, but they're all "tools." AI types work the same way. 1. Generative AI What it does: Creates new content. Text, images, audio, code; whatever you ask for. How it works: Models trained on huge amounts of data use the patterns they've learned to produce outputs that never existed before. They don't memorize, they learn patterns and then build new things out of them. In security: Defense side: Building security awareness training by simulating phishing emails, auto-generating incident response playbooks, drafting security reports. Offense side: Attackers use generative AI to spin up convincing phishing emails, deepfake audio, or malicious code. 🍕 Real-World Example: A security team wants to test their employees, so they use generative AI to write phishing emails that nail the CEO's writing style. "Hey, I need you to push through an urgent payment...", the email is so realistic that 40% of staff click. That right the

2026-06-20 原文 →
AI 资讯

your CI agent is reading more than your prompt

The dangerous thing about CI agents is not that they can write code. It is that they run in the place where we already concentrate trust. CI has repository access. CI has tokens. CI has build logs. CI can fetch dependencies, publish artifacts, comment on pull requests, open issues, deploy previews, and sometimes touch production systems. It is the automation layer we taught ourselves to trust because the alternative was humans doing the same boring steps by hand. Now we are putting agents inside it. That is useful. It is also exactly where the security model gets weird. Microsoft published a write-up this month about a Claude Code GitHub Action case where untrusted GitHub content and file-reading capability could combine badly. The short version is that an agent operating in a CI/CD context had enough ambient access to read more than the user probably intended, including process environment data that could expose workflow secrets. Anthropic mitigated the issue in Claude Code 2.1.128. The specific bug matters. The pattern matters more. CI/CD agents are not chatbots with a build badge. They are automated actors running in a high-trust environment while reading untrusted instructions from pull requests, issues, comments, commit messages, files, logs, and whatever else the workflow feeds them. That combination deserves more fear than it is getting. prompts are now part of the attack surface We are used to thinking about CI security in terms of code and configuration. Who can modify the workflow file? Which secrets are available to pull requests? Do forks get privileged tokens? Are dependencies pinned? Are artifacts trusted? Can a build script publish something? Does the workflow run on pull_request or pull_request_target ? Those questions still matter. But agents add another layer: text becomes operational input. The agent may read a pull request description. It may read a comment asking it to fix a test. It may read source files changed by an untrusted contributor. It

2026-06-20 原文 →
AI 资讯

Security news weekly round-up - 19th June 2026

Defenders don't rest. They wake up every day thinking about how to protect the systems that they are charged to protect. Meanwhile, attackers are also looking for crafty ways to infect a system or break into computer networks. In the end, it's good for everyone if defenders are always one step ahead of the attackers. EvilTokens: A phishing attack that doesn’t steal your password A phishing attack that does not require creating fake login pages or stealing your passwords. I was speechless when I read the article's title and deservedly so when I read how the attackers executed the attack. The following should get you started: EvilTokens is a phishing-as-a-service (PhaaS) kit built to compromise Microsoft 365 accounts by abusing the OAuth 2.0 device authorization grant flow. As attacks that use the kit rely on device code phishing, they sidestep the need for convincing replicas of genuine login pages where the victims would hand over their passwords. Instead, attackers get the victim to complete a legitimate authentication process – including two-factor authentication (2FA) – on a real Microsoft login page. One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes The good news is that MSFT mitigated the flaw. What's left for tenant admins is to watch and contain. The interesting thing is how the researchers pulled off the attack. Here is what they did: Researchers at Varonis Threat Labs chained three bugs into a one-click exfiltration path they call SearchLeak. Because the link pointed to a real microsoft.com domain, traditional anti-phishing and URL filtering tools were unlikely to flag it. The entry point is the q parameter in the Copilot Enterprise Search URL. It is meant for a natural-language query, but Copilot reads whatever sits there as instructions, not just a search string. Varonis calls this Parameter-to-Prompt injection. Low-skilled attacker used Claude, Codex to breach 14 companies The barrier to entry into cybercrim

2026-06-20 原文 →
AI 资讯

I built a Chrome extension that catches every dark pattern trick on shopping sites. Here's exactly how.

A few months ago I was about to buy a flight. The page showed "Only 2 seats left at this price" in red letters. I hesitated, then refreshed the page out of curiosity. The counter said "Only 2 seats left" again. Same number. It had been resetting on every page load the whole time. That's when I started cataloguing every trick I'd seen on shopping sites and built a Chrome extension that flags them automatically, in real time, on any page. This isn't just my opinion — it's documented research In 2019, Princeton and University of Chicago researchers scraped 11,000 shopping sites and found dark patterns on more than 1,250 of them. The FTC has since fined several companies specifically for fake countdown timers and pre-checked subscription boxes. This isn't a grey area anymore — it's a known, studied, and increasingly regulated practice. The extension targets four categories that account for most of what's out there. The four patterns Fake urgency. Countdown timers that reset, "X people are viewing this" badges that never change, "only N left in stock" that's been static for a week. Trap checkboxes. A checkbox for "Yes, sign me up for the newsletter" that's pre-checked and styled to blend into the page so you don't notice it. Confirmshaming. The decline button reads "No thanks, I don't want to save money" instead of just "No thanks." Psychological pricing. Prices ending in .99 or .95 designed to register as a lower price bracket than they are. Why no AI this time My phishing detector used Claude because language and intent are genuinely ambiguous — you need a model that understands context. Dark patterns are different. They're structural. A countdown timer either resets on reload or it doesn't. A checkbox is either pre-checked or it isn't. That's a DOM query, not a judgment call. So this one runs entirely on regex and DOM inspection. No API calls, no latency, no cost per scan, works offline. Sometimes the boring solution is the correct one. Detecting the urgency pattern T

2026-06-20 原文 →
AI 资讯

No user verification leading to subscription bypass and pre-register

For security reasons, we consider "Target app", as the target we practiced on, and the real name won't be disclosed in this post. The target app, was a niche music streaming platform, available in web and mobile PWA, meaning the structure is same but access is easier for cross platform. The app worked in this way : You register using an account, 3rd party like google or via email After that you can use the app for free with a 3 day window (3 day trial) After the 3 day you gotta buy subscription to continue listening The flaw, existed in the first step, when you register using an email, no verification happens! You could enter any type of string@something.com , a random password and start your free trial. So what happens is that first I use string1@something.com , for 3 days. When the time runs out, I use string2@something.com for another 3 days. And since the app's trial and actual subscription don't have any difference, and the 3 day time window is the only limitation, the user with such knowledge from the app doesn't need to buy any subscriptions while such flaw exists! Mitigation : Apply email verification step after user input, so they have to use the received link to verify their address Blacklist "temporary email" service's address or IPs, so users won't generate any email to register after their trial has expired. This way, the registration process isn't too complex while keeps app from attackers avoiding a "For ever free" usage on the app.

2026-06-20 原文 →
AI 资讯

Is the US government’s Anthropic ban accidentally helping the brand?

Just as last week was ending, the US government forced Anthropic to pull its two newest models, Fable 5 and Mythos 5, citing national security concerns after Amazon researchers allegedly found a way to bypass Fable 5’s guardrails. Cybersecurity researchers have since signed an open letter calling the move dangerous, and Anthropic itself noted the same jailbreaks exist in other models. So is […]

2026-06-20 原文 →
AI 资讯

The 2026-07-28 MCP Spec: A Server Readiness Checklist

The next Model Context Protocol specification, 2026-07-28 , is the largest revision since the protocol launched. The release candidate locked on May 21, 2026, and the final spec publishes on July 28. It contains breaking changes to transport, authorization, and how tool schemas are handled. A server that is correct against 2025-11-25 today is not broken. Nothing here is a present-tense vulnerability. But several of these changes are security properties, not just compatibility ones — request routing integrity, cross-user cache scope, and schema-driven fetch behavior all move under this revision. This checklist walks the changes a server operator needs to handle before July 28, and calls out the security implication wherever there is one. Everything below describes the release candidate. Treat specifics as subject to change until the July 28 final, and validate against the official spec before shipping. Transport: the stateless core This is the headline change. MCP becomes stateless at the protocol layer, and most of the migration work lives here. The handshake and session are gone The initialize / initialized handshake is removed (SEP-2575). Protocol version, client info, and client capabilities no longer get exchanged once at connection time — they travel in _meta on every request. The same SEP adds server/discover as the new discovery anchor: servers must implement it, and clients fetch server capabilities from it when they need them up front. Once the handshake is gone, a server that can't answer server/discover can't be negotiated with. The Mcp-Session-Id header and the protocol-level session it carried are also removed (SEP-2567). Any request can now land on any server instance. The sticky routing and shared session stores that horizontal deployments relied on are no longer required at the protocol layer. If a server needs state across calls, mint an explicit handle from a tool — a basket_id , a browser_id — and have the model pass it back as an ordinary argumen

2026-06-19 原文 →
AI 资讯

Using a locked-down WordPress as the form backend for my static sites

Static sites are great: fast, cheap to host, almost nothing to attack. Then you add a contact form and hit the same wall everyone hits — a static site can't process a submission. You need a backend. The usual answers are a third-party service (Formspree, Netlify Forms, Basin) or a small server you now have to babysit. Both add a dependency you don't control, a recurring bill, and — the part that bugs me most — your submission data lives on someone else's infrastructure. There's a third option I've been running for a while: one WordPress install, zero public pages, used purely as a form endpoint. Every form from every static site I own hits it. I own all the data. And because it serves no public HTML, its attack surface is close to nothing. The architecture Three pieces, each doing one job: WordPress — the backend. Locked down so hard it doesn't behave like a normal WP site anymore. A form plugin — handles building, validation, storage, email, file uploads. (I use CraftForms because it exposes a clean craftforms/v1 REST namespace and can also serve the form HTML to an external page — more on that below.) Your static frontend — Cloudflare Pages / Netlify / wherever. It either fetch es the REST endpoint on submit, or drops in an embed snippet. WordPress never serves a public request. It only processes submissions. The part that matters: locking it down The biggest WordPress attack vector isn't your host — it's outdated plugins . So the first move is brutal minimalism: one plugin, no theme, no page builder, no public frontend. A WP install with one plugin and a blocked frontend has almost no CVE surface, because none of the usual stuff is installed. The rest is one must-use plugin. Drop this in wp-content/mu-plugins/ (no activation needed) and you've blocked the four standard entry points: <?php if ( ! defined ( 'ABSPATH' ) ) exit ; // 1. Restrict the REST API to your form namespace only. // Kills user enumeration (/wp/v2/users), route discovery, the usual REST exploits

2026-06-19 原文 →
AI 资讯

Anthropic’s Fable and the State of AI

On June 9th, Anthropic released its Fable generative AI model. Three days later, the US government classified it as a dangerous munition, and used its export-control authority to prohibit any foreign nationals from accessing it. Unable to differentiate between Americans and foreigners, the company shut off access for everyone. The government’s actions won’t help . The problem isn’t any one particular model; it’s the general trend of increasing AI capabilities. And any real solution requires the sort of collective action that just isn’t possible right now...

2026-06-19 原文 →
AI 资讯

LLM Guardrails in Practice: What Actually Works

LLMs are unpredictable. They hallucinate, leak data, generate harmful content, or refuse legitimate requests. Guardrails constrain model behavior without sacrificing capability. The key is knowing which guardrails matter and which are just noise. Guardrails aren't about controlling the model. They're about controlling the risk. Input validation The most important guardrail. Bad input gets bad output, and bad input can also prompt-inject your system. Strategy 1: Prompt Sanitization Sanitize dangerous patterns early: import re class PromptSanitizer : def __init__ ( self ): self . dangerous_patterns = [ r " ignore\s+previous\s+instructions " , r " system\s+prompt " , r " you\s+are\s+now\s+free " , r " break\s+out\s+of " , ] def sanitize ( self , prompt : str ) -> str : for pattern in self . dangerous_patterns : prompt = re . sub ( pattern , " [REDACTED] " , prompt , flags = re . IGNORECASE ) return prompt This isn't bulletproof. Adversarial inputs are creative. But it catches the obvious ones, and the obvious ones are the most common. Strategy 2: Input Length Limits Length limits prevent token waste and timeouts: class InputValidator : def __init__ ( self , max_length : int = 10000 ): self . max_length = max_length def validate ( self , prompt : str ) -> tuple [ bool , str ]: if len ( prompt ) > self . max_length : return False , f " Input too long: { len ( prompt ) } > { self . max_length } " return True , " OK " Strategy 3: Content Filtering Content filtering blocks policy violations. The patterns here depend on your domain: class ContentFilter : def __init__ ( self ): self . blocked_topics = [ " violence " , " hate speech " , " self-harm " , " sexual content " , " illegal activities " , ] def filter ( self , prompt : str ) -> tuple [ bool , str ]: prompt_lower = prompt . lower () for topic in self . blocked_topics : if topic in prompt_lower : return False , f " Blocked: { topic } " return True , " OK " Simple string matching is fast but imprecise. For production, us

2026-06-19 原文 →
AI 资讯

Millions Spent on Security Tools. Zero Spent on Asking the Right Questions.

There is a comfortable lie that has taken root in information security domain. It goes like this: "We have invested in the best tools. We have CSPM. We have CNAPP. We have ASM, ASPM, EDR, SIEM. We are covered." Boards believe it. CISOs present it. Security budgets are built around it. And while everyone is looking at dashboards full of green, two things are quietly true: One — attackers are not trying to beat your tools. They are looking for what your tools were never designed to see. Two — the most dangerous gaps in your security posture today are not gaps in your tooling budget. They are gaps in visibility, knowledge, and the fundamental understanding of what your own systems are supposed to do — and whether they actually do it. No tool solves that. Only people do. The Tool Trap The security industry has industrialized the idea that protection is a purchasing decision. Spend enough. Deploy enough. Integrate enough. And you will be secure. This thinking has produced something genuinely useful — a generation of powerful tools that automate detection, surface known misconfigurations, and reduce the manual burden on security teams. CSPM catches publicly exposed storage buckets. EDR detects malware. SIEM correlates suspicious behavior across logs. These tools matter and they work — within the boundaries of what they were designed to see. But there is a boundary. And most organizations have no idea where it is. The boundary is this: every security tool operates on known patterns, defined rules, and observable configuration state. None of them operate on context. None of them understand intent. And intent — what a system was supposed to do, how it was supposed to be accessed, what data it was never supposed to expose — is exactly where the most dangerous vulnerabilities live today. The Dangerous Gap Nobody Has Named Yet Security practitioners are familiar with the concept of IoM — Indicator of Misconfiguration. A wrong setting. An overpermissioned role. A flag that flipp

2026-06-19 原文 →
AI 资讯

Article: Designing Continuous Authorization for Sensitive Cloud Systems

Most cloud systems make one authorization decision at login. Everything after runs on trust established at authentication time. For systems handling regulated data, that gap is where breaches happen. This article presents a continuous authorization architecture covering risk-tiered evaluation, behavioral baselines, privacy-preserving audit trails, and a phased and incremental rollout. By Venkata Nedunoori

2026-06-19 原文 →