Aggregator

Also: the Pentagon-Anthropic AI Legal Showdown, the New Reality of Document Fraud
In this week's panel, four ISMG editors discuss the cyber activity tied to the U.S.-Israel-Iran conflict, the Pentagon's standoff with AI firm Anthropic and a new report that reveals how document fraud reflects deeper weaknesses in verification systems.

New Startup Says Cloud-Heavy Models Do Not Scale for Large Enterprises
Bold Security exited stealth with $40 million to build an endpoint platform for the artificial intelligence era. CEO Nati Hazut said companies can no longer rely on older controls as employees and AI agents access data locally, creating new blind spots around apps, files and device activity.

Неужели ради защиты данных нам больше не нужно жертвовать скоростью?

嗯，用户让我帮忙总结这篇文章，控制在100字以内。首先，我需要通读整篇文章，理解其主要内容和关键点。文章主要讨论了传统软件安全与AI安全的不同之处，特别是在AI模型被武器化的情况下如何证明模型的安全性。 文章提到了传统软件使用数学证明和哈希来确保安全，但AI模型由于其随机性和非确定性，无法直接应用这些方法。因此，作者介绍了几种新兴的解决方案，比如格式沙箱、权重空间水印和零知识机器学习（zkML），这些都是为了在AI供应链中建立可验证的来源。 接下来，我需要将这些关键点浓缩到100字以内。要确保涵盖传统方法的不足、AI模型的特性以及提出的解决方案。同时，语言要简洁明了，避免使用复杂的术语。 最后，检查字数是否符合要求，并确保总结准确传达文章的核心内容。 文章探讨了AI模型安全问题，指出传统软件安全方法无法直接应用于AI领域。由于AI模型的随机性和非线性特性，传统的哈希验证方式难以有效追踪模型来源或检测潜在后门。为解决这一问题，研究人员提出了多种新兴技术方案，如格式沙箱、权重空间水印和零知识机器学习（zkML），以构建更安全的AI供应链和验证机制。

A vulnerability was found in Apache Spark up to 3.5.6/4.0.0 and classified as critical. This vulnerability affects unknown code. Such manipulation leads to privilege escalation. This vulnerability is listed as CVE-2025-54920. The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability has been found in webaways NEX-Forms Plugin up to 9.1.9 on WordPress and classified as critical. This affects the function deactivate_license. This manipulation causes missing authorization. This vulnerability is tracked as CVE-2026-1948. The attack is possible to be carried out remotely. No exploit exists.

好的，我现在需要帮用户总结这篇文章的内容，控制在100字以内。首先，我得仔细阅读文章，抓住关键点。 文章主要讲的是WinRAR软件存在严重的安全漏洞，被黑客利用。这些漏洞通过钓鱼邮件传播，特别是伪装成简历的文件，点击后会植入恶意软件。攻击者包括多个俄罗斯网络犯罪集团和国家支持的组织，影响范围广泛。 另外，文章提到即使用户更新到7.12版本，仍然存在另一个零日漏洞，必须升级到7.13或更高版本才能修复。而且WinRAR不会自动更新，用户需要手动操作。 总结的时候要简洁明了，涵盖WinRAR被武器化、钓鱼攻击、恶意软件植入、多个攻击组织以及升级的重要性。确保不超过100字，并且直接描述内容，不使用总结性开头。 WinRAR因长期未更新导致安全漏洞被武器化。黑客利用“提取此处”按钮和钓鱼邮件传播恶意软件，伪装成简历文件植入后门。多个网络犯罪集团利用此漏洞攻击企业和政府机构。用户需手动升级至7.13版本以修复漏洞。

好的，我现在需要帮用户总结一篇文章的内容，控制在100字以内。用户的要求是直接写文章描述，不需要特定的开头。首先，我得仔细阅读文章内容，抓住主要信息。 文章主要讲的是ClickFix攻击链如何通过伪装成普通的CAPTCHA或浏览器更新来诱骗用户点击，进而安装恶意软件。这种攻击利用了用户的信任和对常见弹窗的忽视。一旦点击，就会启动一个多阶段的感染过程。 攻击的第一步是通过MSI安装程序传播恶意软件，利用DLL搜索顺序劫持加载恶意DLL。然后，通过劫持C++对象的析构函数来执行恶意代码，避开传统的DLL入口点检测。接着，使用“字典交响乐”技术解密payload，结合自定义字母表和滚动XOR加密来混淆代码。 最后，Lumma Stealer窃取用户的浏览器会话cookie和token，绕过MFA保护，直接接管账户。文章还提到即使使用MFA也不能完全防止这种攻击，因为攻击者窃取的是已经认证的会话。 总结时需要涵盖攻击链的关键点：伪装、多阶段感染、DLL劫持、解密技术以及绕过MFA的方式。同时要控制在100字以内，所以要简洁明了。 现在组织语言：ClickFix攻击通过伪装成普通弹窗诱骗点击，启动多阶段感染链。利用DLL劫持加载恶意软件，并通过C++析构函数执行代码。结合自定义字母表和滚动XOR解密payload。最终窃取会话cookie和token，绕过MFA控制企业账户。 ClickFix攻击通过伪装成普通弹窗诱骗点击,启动多阶段感染链,利用DLL劫持加载恶意软件,并结合自定义字母表和滚动XOR解密payload,最终窃取会话cookie和token,绕过MFA控制企业账户.

近日，针对互联网助贷业务问题，金融监管总局对分期乐、奇富借条、你我贷借款、宜享花、信用飞等5家平台的运营机构进行约谈。

政府工作报告——2026年3月5日在第十四届全国人民代表大会第四次会议上

新华社受权于13日全文播发《中华人民共和国国民经济和社会发展第十五个五年规划纲要》。十四届全国人大四次会议3月12日表决通过了关于国民经济和社会发展第十五个五年规划纲要的决议，决定批准这个规划纲要。

2天掌握前沿技术 · 培养实战型人才

In a massive international crackdown on cybercrime, law enforcement agencies from 72 countries have successfully dismantled over 45,000 malicious IP addresses and servers. Coordinated by INTERPOL, “Operation Synergia III” targeted the critical infrastructure behind devastating ransomware, malware, and phishing campaigns worldwide. Running from July 18, 2025, to January 31, 2026, the operation highlights unprecedented cross-border […]

The post Authorities Crack Down on 45,000 Malicious IPs Powering Ransomware Attacks appeared first on Cyber Security News.

A vulnerability has been found in Linux Kernel up to 6.6.88/6.12.25/6.14.4/6.15-rc3 and classified as critical. Affected by this vulnerability is the function apple_soc_cpufreq_get_rate of the component cpufreq. Performing a manipulation results in null pointer dereference. This vulnerability is cataloged as CVE-2025-37831. The attack must originate from the local network. There is no exploit available. The affected component should be upgraded.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.15-rc3. This impacts the function scmi_cpufreq_get_rate of the component cpufreq. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2025-37830. Access to the local network is required for this attack to succeed. There is no exploit available. You should upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.12.25/6.14.4/6.15-rc3. Affected is the function ufshcd_mcq_compl_pending_transfer of the component scsi. This manipulation causes null pointer dereference. The identification of this vulnerability is CVE-2025-37826. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.6.88/6.12.25/6.14.4/6.15-rc3. Affected by this vulnerability is the function ufshcd_mcq_abort of the component scsi. Such manipulation leads to null pointer dereference. This vulnerability is referenced as CVE-2025-37828. The attack needs to be initiated within the local network. No exploit is available. Upgrading the affected component is advised.

A vulnerability was found in Linux Kernel up to 6.12.25/6.14.4/6.15-rc3/e91dab550dd1d2221333cac9f5c012ab5193696f. It has been declared as critical. This vulnerability affects the function __btrfs_add_free_space_zoned of the component btrfs. The manipulation results in null pointer dereference. This vulnerability is reported as CVE-2025-37827. The attacker must have access to the local network to execute the attack. No exploit exists. It is recommended to upgrade the affected component.