Aggregator

Microsoft подписала смертный приговор вашей безопасности — и даже не заметила.

Red Canary unveiled a new suite of expert AI agents. These specialized agents combine the speed and scalability of agentic AI with the quality and consistency of standard operating procedures derived from Red Canary’s elite team of security operators—bringing a powerful new layer of AI-powered automation to threat detection, investigation, and response. Built to reduce manual, repetitive work, these agents mark a significant step toward a more efficient, intelligent, and resilient SOC that remediates incidents … More →

The post Red Canary AI agents accelerate incident response appeared first on Help Net Security.

Google 官方博客宣布释出 Android 16。Android 16 将首先推送给 Google 的 Pixel 设备，其它手机品牌将在稍后推出。Android 16 为新的 Material 3 设计奠定了基础，简化了通知，改进了助听设备支持；安全功能 Advanced Protection，改进了平板设备的生产力功能，等等。

Vanta announced the Vanta AI Agent, marking a major leap forward in how security and compliance teams leverage AI to minimize human error and maximize impact. The Vanta AI Agent autonomously handles end-to-end workflows across a company’s entire GRC program including identifying issues and inconsistencies individuals might miss and proactively taking action on their behalf—all while keeping teams informed and in control. The Vanta AI Agent is the latest AI offering from the company which … More →

The post Vanta AI Agent automates time-consuming GRC workflows appeared first on Help Net Security.

A vulnerability could allow recovery of the phone number associated with a Google account by carrying out a brute force attack. The security researcher who goes online with the moniker “brutecat” discovered that it is possible to brute force the phone number of any Google abusing an issue in the company’s account recovery feature. A […]

Первый миллион роботов мы соберём сами — остальные соберут нас.

Insights on the Expanding Threat Landscape from AWS and Deloitte
As geopolitical tensions rise, companies face an expanding threat landscape - particularly through IoT and OT vulnerabilities that leave cloud infrastructures at risk, said PJ Hamlen at Amazon Web Services, and Julie Bernard at Deloitte & Touche LLP.

Lawmakers Quiz Execs on Security; State AG Seek to Block Sale of Bankrupt Firm
While a Congressional committee grilled 23andMe executives on Tuesday about security and privacy, 28 states filed a lawsuit to stop the sale of the bankrupt genetics testing firm unless the company obtains explicit consent from each customer for the transfer or their information to a third party.

Crash Records and Driver Data Exposed in Texas Transportation Hack
Hackers accessed the Texas Department of Transportation's crash records system using a compromised account, stealing nearly 300,000 reports containing personal and vehicle information that could be used for fraud, the department warned in a letter to impacted individuals.

Experts Call for Continuous Assessments of Vendor Risk - Not Just at Onboarding
As vendor ecosystems grow in complexity, many organizations still view third-party risk management as a static assessment of vendors as they're onboarded. But organizations often focus too heavily on upfront vetting of vendors and fail to track how their risk profiles may change over time.

A vulnerability, which was classified as problematic, has been found in Xagio SEO Plugin up to 7.1.0.16 on WordPress. Affected by this issue is some unknown functionality. The manipulation of the argument HTTP_REFERER leads to cross site scripting. This vulnerability is handled as CVE-2025-3302. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Events Calendar Plugin up to 6.13.2 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-5144. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as critical has been found in CubeWP Plugin up to 1.1.23 on WordPress. Affected is the function update_user_meta. The manipulation leads to privilege escalation. This vulnerability is traded as CVE-2025-4315. It is possible to launch the attack remotely. There is no exploit available.

A critical vulnerability (CVE-2025-4275) in Insyde H2O UEFI firmware allows attackers to bypass Secure Boot protections by injecting malicious digital certificates via an unprotected NVRAM variable. Dubbed Hydroph0bia, this flaw enables pre-boot execution of unsigned code, posing severe risks to enterprise and consumer devices. Insecure NVRAM Variable Handling The vulnerability stems from the improper use […]

The post Insyde UEFI Flaw Enables Digital Certificate Injection via NVRAM Variable appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

В Купертино обновили всё на свете — и всё равно остались уязвимы.

Telegram 创始人兼 CEO Pavel Durov 今年早些时候声称，在该应用 12 年历史中从未披露一字节私人消息。但 Telegram 并非端对端加密，要获取其私人消息，也许只要中间人并不需要 Telegram 的“配合”？IStories 的调查发现，45 岁的俄罗斯网络工程师 Vladimir Vedeneev 控制着 Telegram 的网络基础设施，法庭文件显示，他被赋予了对部分 Telegram 服务器的独家访问权限，甚至还能代表 Telegram 签署合同（以首席财务官的身份）。没有证据表明他的公司与俄罗斯合作或向其提供数据。但与 Vedeneev 有密切联系的两家公司其客户之一是俄罗斯联邦安全局（FSB）。匿名乌克兰 IT 专家声称俄罗斯军方在控制了 Telegram 的网络基础设施之后能对乌克兰进行中间人级别的监控。他表示俄罗斯对用户的通信内容不感兴趣，元数据——IP 地址、用户位置和通信联络人——的分析能透露更多情报。Telegram 用户之间的聊天默认并不启用端对端加密，即使启用了，该应用使用的 MTProto 协议在加密消息前都会添加一个未加密字段 auth_key_id。这一字段让识别特定用户设备成为可能。

Пока другие шумят про ИИ, Apple просто делает тихую революцию.

Currently trending CVE - Hype Score: 12 - Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability

Currently trending CVE - Hype Score: 4 - A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0, 7.0.0 through 7.0.6, 6.4.0 through 6.4.10, FortiRecorder versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.5, 6.4.0 through 6.4.5, FortiMail versions 7.6.0 through 7.6.2, 7.4.0 through ...