Mandiant 发布报告称，KnowledgeDeliver 产品中存在 ViewState 反序列化漏洞，并已被攻击者利用。ViewState 是 ASP.NET 用于保存页面状态的一种机制，如果应用程序对 ViewState 数据未进行充分的签名或验证，攻击者可以通过构造恶意 ViewState 字符串触发反序列化，从而实现远程代码执行。Mandiant 观察到野外利用活动，但未公开具体攻击者归属、受害者行业或地域分布。报告未提供 CVE 编号或具体攻击技术细节。建议用户尽快升级 KnowledgeDeliver 至最新版本，并对 ASP.NET ViewState 启用加密和签名校验。

Threat IntelligenceNorth Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain AttackBy Google Threat Intelligence Group • 16-minute read

Google Cloud Products

Threat Intelligence RSS feed URL

Threat IntelligenceSnow Flurries: How UNC6692 Employed Social Engineering to Deploy a Custom Malware SuiteBy Mandiant • 26-minute read

Threat IntelligenceDefending Your Enterprise When AI Models Can Find Vulnerabilities Faster Than EverBy Francis deSouza • 13-minute read

Threat IntelligenceThe German Cyber Criminal Überfall: Shifts in Europe's Data Leak LandscapeBy Google Threat Intelligence Group • 5-minute read

Threat IntelligencevSphere and BRICKSTORM Malware: A Defender's GuideBy Mandiant • 62-minute read

Threat IntelligenceWelcome to BlackFile: Inside a Vishing Extortion OperationBy Google Threat Intelligence Group • 16-minute read

Threat Intelligence2 PhaaS 2 Furious: The Evolution of Chinese-Language Phishing ServicesBy Google Threat Intelligence Group • 7-minute read

Threat IntelligenceSeeking Counsel: Ongoing Targeted Campaign Against US Law FirmsBy Mandiant • 19-minute read

Threat IntelligenceShinyHunters Targets Education Sector with Oracle PeopleSoft ExploitBy Mandiant • 12-minute read

SAP on Google Cloud

Inside Google Cloud

Google Cloud Next & Events

Google Cloud Consulting

Transform with Google Cloud

Infrastructure Modernization

Productivity & Collaboration

Storage & Data Transfer

Financial Services

Healthcare & Life Sciences

Media & Entertainment

Telecommunications

Training & Certifications

Google Maps Platform

Google Workspace

Developers & Practitioners

GTIG AI Threat Tracker: Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access

Security & Identity

Jump to Content

Get started for free

AI & Machine Learning

Application Development

Application Modernization

Chrome Enterprise

Containers & Kubernetes

Maps & Geospatial

Threat Intelligence

Threat IntelligenceM-Trends 2026: Data, Insights, and Strategies From the FrontlinesBy Jurgen Kutscher • 8-minute read

Threat IntelligenceThe Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat ActorsBy Google Threat Intelligence Group • 34-minute read

Threat IntelligenceRansomware Under Pressure: Tactics, Techniques, and Procedures in a Shifting Threat LandscapeBy Google Threat Intelligence Group • 53-minute read

Threat IntelligenceProactive Preparation and Hardening Against Destructive Attacks: 2026 EditionBy Mandiant • 222-minute read

Threat IntelligenceLook What You Made Us Patch: 2025 Zero-Days in ReviewBy Google Threat Intelligence Group • 23-minute read

Threat IntelligenceCoruna: The Mysterious Journey of a Powerful iOS Exploit KitBy Google Threat Intelligence Group • 25-minute read

GTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use