Aggregator

Trend Micro has warned customers to immediately secure their systems against an actively exploited remote code execution vulnerability in its Apex One endpoint security platform. [...]

In Litouwen is een nieuwe lichting militairen van de landmacht aan de slag gegaan. Infanteristen en genisten van 43 Gemechaniseerde Brigade vormen de kern van de hoofdmacht. Een overzicht van Defensieoperaties in de week van 30 juli tot en met 5 augustus 2025.

戴尔百款笔记本曝漏洞，数千万设备受威胁

活动时间：8月7日～14日

看雪论坛作者ID：只会逆一点点

近日，绿盟科技CERT监测到Cursor发布安全公告，修复了Cursor远程代码执行漏洞（CVE-2025-54135）。CVSS评分8.6，目前漏洞细节与PoC已公开，请相关用户尽快采取措施进行防护。

Generative AI copilots are transforming SOC workflows, but they’re not immune to manipulation. Inspired by Ben Nassi’s PromptWare research at Black Hat 2024, this post explores how poisoned log data can hijack XDR summaries, turning defensive tools into attack vectors.

The post When Your Logs Lie to You: Log Prompt Poisoning & Injection Risks in XDR AI Summaries appeared first on Sygnia.

The UK’s National Cyber Security Centre has released the Cyber Assessment Framework 4.0

Unit 42 researchers have identified significant overlaps between Microsoft’s reported ToolShell exploit chain targeting SharePoint vulnerabilities and a tracked activity cluster dubbed CL-CRI-1040. This cluster, active since at least March 2025, deploys a custom malware suite named Project AK47, comprising multi-protocol backdoors, ransomware, and DLL side-loading loaders. Microsoft’s analysis attributes the activity to Storm-2603, a […]

The post Chinese Hackers Exploit SharePoint Flaws to Deploy Backdoors, Ransomware, and Loaders appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Фреймворк наконец станет открытым. Хотя… какой ценой?

7月17日，第二届青马红客“精英训练营”在广州圆满结营。广东省网络空间安全产业创新联合会、广州锦行网络科技有限公司领导及代表出席结营仪式。

美国学者称以伊战争表明伊朗网络战略正在发生转折

史上最大规模的黑客竞赛

In many automotive companies, the same systems-engineering teams are responsible for both safety and security. As a result, cybersecurity is treated as a subset of safety, undergirded by an implicit assumption: “If it’s safe, it must be secure.” But that’s not necessarily always the case. As so many chief information and product security officers across the industry have seen, a vehicle deemed functionally safe under ISO 26262 can be highly vulnerable to cyber threats, especially … More →

The post Cybersecurity and the development of software-defined vehicles appeared first on Help Net Security.

期待优秀的你加入我们，也欢迎转发本则招聘信息。

​Microsoft paid a record $17 million this year to 344 security researchers across 59 countries through its bug bounty program. [...]

Currently trending CVE - Hype Score: 4 - Cursor is a code editor built for programming with AI. Cursor allows writing in-workspace files with no user approval in versions below 1.3.9, If the file is a dotfile, editing it requires approval but creating a new one doesn't. Hence, if sensitive MCP files, such as the ...

Currently trending CVE - Hype Score: 21 - Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from ...

我正在雅鲁藏布江下游规划建设一座前所未有的超级水电站。这座水电站，总投资高达1.2万亿元人民币，预计总装机规