Aggregator

CISA updates its KEV List with TP-Link Wi-Fi extender and WhatsApp spyware flaws, urging users and agencies to…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog, noting that there is evidence of them being exploited in the wild. The vulnerabilities in question are listed below - CVE-2023-50224 (CVSS score: 6.5) - An authentication bypass by spoofing vulnerability

CVE‑2025‑38352 и CVE‑2025‑48543 уже в деле.

欧洲学者基于北约“锁定盾牌”演习分析网络蓝队自动化愿景

客户联系信息和案例数据遭窃取

瑞士发布了完整开源的大模型 Apertus——即不仅公开模型权重，还公开了训练数据集和文档等资料。Apertus 的源代码和训练集都允许商业使用。它的数据集包含了 15 万亿 tokens，涵盖了逾千种语言。Apertus 的开发明确遵守瑞士数据保护和版权法，纳入了可追溯的退出机制以尊重数据源的偏好。用户可通过瑞士官网访问大模型，也可以通过 Hugging Face 和 Public AI Inference Utility 访问。

Как любимые гаджеты постоянно сливают данные о местоположении пользователей, и что с этим можно сделать.

August was a busy month at ANY.RUN. We expanded our list of connectors with Microsoft Sentinel and OpenCTI, added Linux Debian (ARM) support to the SDK, and strengthened detection across hundreds of new malware families and techniques. With fresh signatures, rules, and product updates, your SOC can now investigate faster, detect more threats in real time, and keep defenses sharp […]

The post Release Notes: Fresh Connectors, SDK Update, and 2,200+ New Detection Rules  appeared first on ANY.RUN's Cybersecurity Blog.

再也不说一次打包，到处部署了。

A significant outage of Google services, including its search engine, Gmail, and YouTube, has affected users across Turkey and several countries in Eastern Europe. The disruption, which began on Thursday morning, also impacted other popular platforms such as Google Maps, Drive, and Analytics. Monitoring websites like Downdetector confirmed widespread service interruptions, with a spike in […]

The post Google Services Down For Most Of The Users In US, Turkey And Eastern Europe appeared first on Cyber Security News.

免费中秋礼盒、新人额外加成、还有全系数业务翻倍都在OSRC等着你！

Apitor научила детей программированию и шпионажу за родительские деньги.

Hackers are using legitimate red team tool Hexstrike-AI to simplify and speed up vulnerability exploitation

Microsoft has officially acknowledged a significant bug in recent Windows security updates that is causing application installation and repair failures across multiple versions of Windows 10, Windows 11, and Windows Server. The issue stems from a security enhancement in the August 2025 updates, which now incorrectly triggers User Account Control (UAC) prompts for standard, non-administrator […]

The post Microsoft Confirms UAC Bug Breaks App Install On Windows 11 And 10 Versions appeared first on Cyber Security News.

9月13日，腾讯安全沙龙第5期将在南京国际博览中心隆重举行

Educational institutions have become prime targets in the escalating battle against commodity information stealers. First emerging in 2022 as an open-source project on GitHub, Stealerium was initially released “for educational purposes” but rapidly attracted illicit interest. Adversaries adapted and enhanced the code to create variants—such as Phantom Stealer and Warp Stealer—resulting in a family of […]

The post Threat Actors Using Stealerium Malware to Attack Educational Organizations appeared first on Cyber Security News.

Многофакторная аутентификация уже не панацея от кибератак. Разбираемся, как оценить современное MFA-решение по пяти ключевым критериям и чем платформа Duo помогает построить защиту будущего без лишних затрат и сложностей.

Currently trending CVE - Hype Score: 25 - Use after free in ANGLE in Google Chrome prior to 139.0.7258.154 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)