Aggregator

Microsoft researchers have uncovered a fast-moving group, Storm-1175, launching high-speed Medusa ransomware attacks against healthcare and education sectors in the UK, US, and Australia by exploiting security flaws in as little as 24 hours.

«Подозреваемого» вычислили по орфографическим ошибкам и стилю письма.

A $30,000 AI GPU doesn't outperform consumer GPUs at password cracking. Specops explains why attackers don't need exotic hardware to break weak passwords. [...]

The Russian threat actor known as APT28 (aka Forest Blizzard and Pawn Storm) has been linked to a fresh spear-phishing campaign targeting Ukraine and its allies to deploy a previously undocumented malware suite codenamed PRISMEX. "PRISMEX combines advanced steganography, component object model (COM) hijacking, and legitimate cloud service abuse for command-and-control," Trend Micro

Attackers compromised Internet-facing OT devices and caused file and display manipulation, operational disruption, and financial losses across sectors.

The 2026 Threat Detection Report surveys the AI landscape for both defenders and adversaries. Here’s how you can stay ahead.

Купили ноутбук за 2000 долларов, чтобы играть в нейросеть.

Названы главные вирусы, которые атакуют пользователей Mac прямо сейчас.

By applying symbolic execution and the Z3 theorem prover to BPF bytecode, we’ve automated the generation of malware trigger packets, cutting analysis time from hours to seconds.

安全人员的末日到了吗？

Как собрать в одном проекте экс-президентов и фигурантов санкций.

North Korean hackers spent weeks socially engineering an Axios maintainer through a fake Slack workspace, a cloned company identity, and a fabricated Microsoft Teams call that tricked him into installing a RAT posings as a software update. They used the access they gained to inject malware into npm packages downloaded 100+ million times a week. Now, a fresh Open Source Security Foundation (OpenSSF) advisory warns unknown attackers are using a similar approach to target other … More →

The post Social engineering attacks on open source developers are escalating appeared first on Help Net Security.

API Checker 一个用于批量检测和管理 AI LLM API Key 的桌面工具。

Кажется, эпоха компромиссов между ведомством и корпорацией закончилась навсегда.

嗯，用户让我帮忙总结一篇文章，控制在一百个字以内，而且不需要特定的开头。首先，我得仔细阅读文章内容，抓住主要观点。 文章主要讲的是API已经演变为“智能行动层”，成为AI代理的核心。但很多组织对机器之间的流量没有监控能力，存在很大的安全盲点。高管们也在关注AI风险，但传统的安全工具效果不佳。解决方案是采用新的安全平台，比如Salt的Agentic Security Platform，提供更好的监控和响应机制。 接下来，我需要把这些要点浓缩成一句话。要涵盖API的角色变化、安全问题、高管关注以及解决方案。同时保持在100字以内。 可能会这样组织：API成为AI代理的核心，但机器流量监控不足导致安全隐患，高管重视但传统工具失效，需要新平台如Salt来应对。 检查一下是否符合要求：没有使用“文章总结”之类的开头，直接描述内容。字数控制在100字以内。 最后确认一下是否有遗漏的重要信息，比如调查数据和具体解决方案的技术点是否需要提及。可能不需要太详细的数据，保持简洁明了。 API已演变为AI代理的核心“智能行动层”，但企业对机器间流量的监控能力不足，导致安全隐患。高管对AI风险关注度提升，但传统安全工具失效。需采用新平台如Salt的Agentic Security Platform以应对挑战。

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

• CVE-2026-1340 Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.