BestHub
Sign in
Tagged articles
9 articles
Page 1 of 1
Black & White Path
Black & White Path
May 6, 2026 · Information Security

Inside RegPwn (CVE‑2026‑24291): How a Simple Lock‑Screen Race Condition Grants SYSTEM Access

CVE‑2026‑24291, dubbed RegPwn, exploits a race condition in the Windows ATConfig mechanism that lets a standard user create a registry symbolic link, trigger a lock‑screen transition, and silently elevate to SYSTEM, affecting multiple Windows 10, 11, and Server releases until patched in March 2026.

ATBrokerCVE-2026-24291Detection
0 likes · 15 min read
Inside RegPwn (CVE‑2026‑24291): How a Simple Lock‑Screen Race Condition Grants SYSTEM Access
Bilibili Tech
Bilibili Tech
Jan 17, 2023 · Information Security

Botnet Threat Analysis and Detection Strategies: PBot, Xanthe and Countermeasures

The article delivers a technical overview of modern botnet threats, detailing the PBot and Xanthe families, their infection vectors, command‑and‑control operations, and provides practical detection, mitigation, and statistical analysis methods for defending against large‑scale DDoS, spam, and other malicious activities.

BotnetDetectionSuricata
0 likes · 17 min read
Botnet Threat Analysis and Detection Strategies: PBot, Xanthe and Countermeasures
Meituan Technology Team
Meituan Technology Team
Apr 7, 2022 · Information Security

Malicious Use of eBPF in Cloud‑Native Environments: Threats, Detection, and Defense

While eBPF powers modern cloud‑native networking and observability, attackers can exploit its kernel hooks to create stealthy rootkits that manipulate packets, rewrite files, and persist across reboots, so security teams must harden privileges, monitor BPF syscalls, audit loaded programs, and employ signature verification and LSM controls to detect and mitigate these threats.

DetectionRootkitcloud-native security
0 likes · 30 min read
Malicious Use of eBPF in Cloud‑Native Environments: Threats, Detection, and Defense
JavaEdge
JavaEdge
Mar 29, 2022 · Information Security

How to Detect and Fix the Spring SPEL Remote Code Execution Vulnerability

This guide explains the Spring SPEL injection flaw, how to determine if your Java application is affected by checking JDK version and Spring usage in WAR or JAR packages, and provides official upgrade steps along with temporary WAF and code‑level mitigations.

DetectionRCESpEL
0 likes · 5 min read
How to Detect and Fix the Spring SPEL Remote Code Execution Vulnerability
ByteDance Terminal Technology
ByteDance Terminal Technology
Jan 11, 2022 · Information Security

Graph-Based Detection of Malicious Webpages: Methods, Experiments, and Future Work

This article presents a comprehensive study on detecting malicious webpages using heterogeneous graph structures and Graph Convolutional Networks, detailing background challenges, technical approaches, model iterations, optimization techniques for large‑scale deployment, experimental results, and directions for future research.

DetectionGCNgraph neural networks
0 likes · 9 min read
Graph-Based Detection of Malicious Webpages: Methods, Experiments, and Future Work
DeWu Technology
DeWu Technology
Nov 12, 2021 · Mobile Development

Detecting and Fixing iOS Memory Leaks with Object‑Graph Scanning

This article explains why iOS memory leaks become critical as apps grow, introduces five representative leak models, details a production‑ready object‑graph scanning solution with custom data structures and a non‑recursive DFS algorithm, and evaluates its performance impact and mitigation strategies.

DetectionalgorithmiOS
0 likes · 13 min read
Detecting and Fixing iOS Memory Leaks with Object‑Graph Scanning
Programmer DD
Programmer DD
Jun 13, 2020 · Artificial Intelligence

How AI Deepfakes Threaten Privacy and What Law Is Doing About It

The article examines the rise of AI‑generated deepfake media, its legal treatment under China's new Civil Code and other regulations, the technical ease of creating such content, and the combined efforts of detection technology, ethical education, and legislation to curb its harmful impact.

DetectionEthicsai
0 likes · 14 min read
How AI Deepfakes Threaten Privacy and What Law Is Doing About It
Tencent TDS Service
Tencent TDS Service
Sep 19, 2015 · Information Security

Understanding XcodeGhost: How It Operates and How to Detect It

This article explains the XcodeGhost malware that infected iOS developers, detailing its data‑reporting and command‑issuing capabilities, the potential threats it poses on older iOS versions, and practical steps to detect and remove an infected Xcode installation.

DetectionMobile DevelopmentXcodeGhost
0 likes · 6 min read
Understanding XcodeGhost: How It Operates and How to Detect It