Aggregator

数字信任指数显示用户对数字服务的信任度下降，企业需重视数据管理和隐私保护以维护品牌信誉。不同行业间信任度差异显著，消费者期待更简洁的数据收集流程及透明的数据处理方式。加强网络安全和合规文化是提升用户信任的关键。

基于 Debian 的安全发行版 Parrot 释出了 v6.4 版本。Parrot 6.4 是基于 Debian 12，可能是 6.x 系列的最后的一个版本，下个大版本 Parrot 7.0 将是基于 Debian 13。其它变化包括：Kernel 6.12.12、Metasploit、Sliver、Caido 和 Empire 等工具都更新到新版本；Firefox 最新 LTS 版本，等等。

A 21-year-old former U.S. Army soldier has pleaded guilty to participating in a sophisticated cybercrime operation that targeted telecommunications companies through hacking, data theft, and extortion schemes. Cameron John Wagenius, who was stationed in Texas during his military service, admitted to conspiring with others to breach protected computer networks and demand ransom payments from victim […]

The post Former U.S. Army Member Pleads Guilty in Telecom Hacking Case appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

CodeWisdom团队最新观点文章，将发表于中国计算机学会（CCF）会刊《计算》第3期！

当前环境异常，请完成验证后继续访问。

Iranian cyber operatives have intensified their assault on American critical infrastructure, with Intelligence Group 13 emerging as a primary threat actor targeting water treatment facilities, electrical grids, and industrial control systems across the United States. The group, operating under the umbrella of the Islamic Revolutionary Guard Corps (IRGC) Shahid Kaveh Cyber Group, has demonstrated sophisticated […]

The post Iranian Threat Actors Attacking U.S. Critical Infrastructure Including Water Systems appeared first on Cyber Security News.

21 год, армия, миллион долларов и одна ошибка.

curl发布第269版，新增269个命令行选项。活动今天上午在Twitch直播。移除了Secure Transport和BearSSL支持，并修复了大量bug。

Multiple severe vulnerabilities have been addressed affecting VMware ESXi, Workstation, Fusion, and Tools that could allow attackers to execute malicious code on host systems.  The vulnerabilities, identified as CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, and CVE-2025-41239, carry CVSS scores ranging from 6.2 to 9.3, with three classified as critical severity.  Security researchers discovered these flaws through the Pwn2Own […]

The post VMware ESXi and Workstation Vulnerabilities Let Attackers Execute Malicious Code on Host appeared first on Cyber Security News.

这篇文章介绍了本周HackerNoon平台上的热门技术内容，包括加密货币增长案例分析、iPhone变显微镜的技术创新、挑战GPU垄断的新语言MLIR与Mojo、AI研究进展及无代码自动化工具n8n等。

美国第二巡回上诉法院在United States v. Mackey案中裁定，仅通过发布误导性政治 memes 无法构成联邦合谋罪。法院强调合谋罪需有明知协议，而无直接沟通或协调的行为不足以证明合谋。该裁决凸显了网络时代合谋法与第一修正案表达自由之间的紧张关系。

Can a person be convicted of a federal conspiracy solely by posting misleading political memes online, without ever having communicated or knowingly coordinated with their alleged co-conspirators?

The post Meme Crimes – Can You Conspire By Meme? appeared first on Security Boulevard.

Hacker Claims to Have Exploited Flaw in Oracle WebLogic Server, Sold Stolen Data
Seychelles Commercial Bank is warning customers that a hacker stole their personal information - but no money - from their accounts after breaching its systems. The hacker involved claims to have stolen and sold two gigabytes of customer data from the bank, which paid no ransom.

Attackers Can Upload Malware in System Management Mode and Disable Secure Boot
Multiple high-severity vulnerabilities in Gigabyte's UEFI firmware could enable attackers to execute arbitrary code within System Management Mode, granting persistent and nearly undetectable control over affected systems, cybersecurity researchers reported.

Analysts Warn White House Chip Reversal Threatens US AI Dominance
President Donald Trump has reportedly reversed a U.S. policy restricting Nvidia chips critical to artificial intelligence technology development from being exported to China in a move that experts say could undercut the U.S. lead in the burgeoning emerging technology market.

Escalating Geopolitical Tensions Could Increase Hacks by 2030, Government Warns
France has identified Russia as the primary threat to national security in the coming years. The French government recommends adopting measures to strengthen its cybersecurity defenses in anticipation of increased hacks from Moscow-aligned attackers driven by geopolitical tensions.

当前环境出现异常状态，需完成验证后方可继续访问服务。

当前环境出现异常状态，需完成验证后才能继续访问相关内容或功能。

这些恶意网址和IP都与特定木马程序或木马程序控制端密切关联，网络攻击类型包括建立僵尸网络、后门利用等。

研究人员的担忧似乎是有根据的，因为ReliaQuest表示，CVE-2025-5777已经被用于有针对性的攻击。