Aggregator

CVE-2025-26709 | ZTE F50 1.0.0B07 Web Module Interface information disclosure

4 weeks 2 days ago

A vulnerability marked as problematic has been reported in ZTE F50 1.0.0B07. This vulnerability affects unknown code of the component Web Module Interface. The manipulation leads to information disclosure. This vulnerability was named CVE-2025-26709. Access to the local network is required for this attack. There is no exploit available.

vuldb.com

SBOM风险预警 | NPM前端框架 javaxscript 遭受投毒窃取浏览器cookie

悬镜安全

4 weeks 2 days ago

悬镜在NPM官方仓库中捕获1起针对JS前端框架组件 javaxscript 的投毒攻击事件，存在较大安全隐患，请速排查！

U.S. Sanctions Garantex and Grinex Over $100M in Ransomware-Linked Illicit Crypto Transactions

The Hackers News

1 month ago

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Thursday renewed sanctions against Russian cryptocurrency exchange platform Garantex for facilitating ransomware actors and other cybercriminals by processing more than $100 million in transactions linked to illicit activities since 2019. The Treasury said it's also imposing sanctions on Garantex's successor, Grinex

The Hacker News

New Clever Phishing Attack Uses Japanese Character “ん” to Mimic Forward Slash “/”

Cyber Security News

1 month ago

Security researchers have uncovered a sophisticated new phishing campaign that exploits the Japanese hiragana character “ん” to create deceptively authentic-looking URLs that can fool even vigilant internet users. The attack, first identified by security researcher JAMESWT, targets explicitly customers of the popular travel booking platform Booking.com. The malicious technique leverages the visual similarity between the […]

The post New Clever Phishing Attack Uses Japanese Character “ん” to Mimic Forward Slash “/” appeared first on Cyber Security News.

Guru Baran

51 секунда — всё, что нужно хакерам, чтобы прорваться в вашу сеть и начать её захват. Ваша защита бесполезна.

Securitylab.ru

1 month ago

CrowdStrike прогнозирует эру молниеносных атак и социальной инженерии, усиленной ИИ.

Agent Communication Protocol (ACP): как работает стандарт связи ИИ-агентов

Securitylab.ru

1 month ago

Агенты больше не обязаны жить в изоляции. Новый стандарт ACP от IBM — это универсальный язык общения для ИИ-агентов на любых фреймворках. REST, асинхронность, простота запуска — всё, чтобы наконец забыть об интеграционном хаосе.

关于举办“AI安全攻防与测试” 培训班的通知

安全419

1 month ago

本课程旨在通过系统性知识学习，培养实战化AI安全人才，为“AI+”时代关键信息基础设施安全建设提供人才保障。

安全419企业探营| 15分钟让你了解一个完整的犬安科技

安全419

1 month ago

不只是车联网安全

【安全圈】假冒《我的世界》游戏传播高危间谍软件

安全圈

1 month ago

关键词恶意软件网络安全研究机构Point Wild近日发布重大威胁警告，发现一款名为"Eaglercraft

【安全圈】Netflix招聘钓鱼骗局窃取Facebook账号

安全圈

1 month ago

关键词网络钓鱼安全公司Malwarebytes警告，一种冒充Netflix招聘的钓鱼攻击正针对求职者，尤其是营

【安全圈】火狐浏览器 Nightly 版出现 BUG 致旧版 Windows 10 无法运行

安全圈

1 month ago

【安全圈】微软正式宣布：Windows 11 23H2家用和专业版即将停止服务支持

安全圈

1 month ago

关键词Windows微软最新公告确认，Windows 11 23H2家用版和专业版的系统更新服务即将终止。

Zero Trust + AI: Privacy in the Age of Agentic AI

The Hackers News

1 month ago

We used to think of privacy as a perimeter problem: about walls and locks, permissions, and policies. But in a world where artificial agents are becoming autonomous actors — interacting with data, systems, and humans without constant oversight — privacy is no longer about control. It’s about trust. And trust, by definition, is about what happens when you’re not looking. Agentic AI — AI that

The Hacker News

现阶段的印度越南制造还只是中国加一

Solidot

1 month ago

印度取代中国成为世界电子制造工厂的蓝图有一个显著的特征：整座印度大厦需要中国公司提供技术架构、制造技术和运营模板。以 Dixon Technologies 为例，该公司与越来越多的中国合作伙伴合作打造印度的电子产品制造能力：龙旗科技提供设计智能，昆山丘钛科技提供摄像头模组专业知识，重庆宇海提供精密模塑部件，惠科电子（HKC）提供显示技术。这种依赖模式已成为印度电子制造业发展的组织原则。现阶段的结构中，中国公司保留了对关键知识的控制权，印度合作伙伴则提供劳动力套利和监管流程。印度与其说在构建中国制造业的替代，不如说是在建造中国制造业的最复杂子公司，由印度纳税人承担，以国家复兴为宣传口号。分析人士将这一战略称为“中国加一”。