Aggregator

研究人员在40天的监测中，于蜜罐系统上记录到超3.5万次攻击会话，由此发现这起大规模网络犯罪活动。

Email remains a primary entry point for attackers, and security teams continue to manage high volumes of malicious messages that change form across campaigns. Attackers generate large numbers of messages with small variations in wording, structure, and delivery paths. AI systems now sit at the center of this activity, supporting generation, testing, and rollout of phishing campaigns. The Cofense research documents this environment as it exists across enterprise inboxes, with one malicious email identified on … More →

The post AI is driving a new kind of phishing at scale appeared first on Help Net Security.

Даже бдительный админ может не знать о надвигающейся угрозе. Спасибо, CISA.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Xingyu Wang' was reported to the affected vendor on: 2026-02-05, 50 days ago. The vendor is given until 2026-06-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Michael DePlante (@izobashi) of TrendAI Zero Day Initiative' was reported to the affected vendor on: 2026-02-05, 52 days ago. The vendor is given until 2026-06-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ' Bobby Gould (@bobbygould5) and Michael DePlante (@izobashi) of TrendAI Zero Day Initiative' was reported to the affected vendor on: 2026-02-05, 52 days ago. The vendor is given until 2026-06-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 8.2 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N severity vulnerability discovered by 'Muhammad Fadilullah Dzaki' was reported to the affected vendor on: 2026-02-05, 52 days ago. The vendor is given until 2026-06-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Bobby Gould (@bobbygould5) and Michael DePlante (@izobashi) of TrendAI Zero Day Initiative' was reported to the affected vendor on: 2026-02-05, 52 days ago. The vendor is given until 2026-06-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Michael DePlante (@izobashi) of TrendAI Zero Day Initiative' was reported to the affected vendor on: 2026-02-05, 52 days ago. The vendor is given until 2026-06-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Tyler Zars' was reported to the affected vendor on: 2026-02-05, 52 days ago. The vendor is given until 2026-06-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Michael DePlante (@izobashi) of TrendAI Zero Day Initiative' was reported to the affected vendor on: 2026-02-05, 52 days ago. The vendor is given until 2026-06-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Michael DePlante (@izobashi) of TrendAI Zero Day Initiative' was reported to the affected vendor on: 2026-02-05, 52 days ago. The vendor is given until 2026-06-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 4.3 AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Len Sadowski (lytnc) and Oğuz Bektaş (_ozb_) ' was reported to the affected vendor on: 2026-02-05, 52 days ago. The vendor is given until 2026-06-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Michael DePlante (@izobashi) of TrendAI Zero Day Initiative' was reported to the affected vendor on: 2026-02-05, 52 days ago. The vendor is given until 2026-06-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Michael DePlante (@izobashi) of TrendAI Zero Day Initiative' was reported to the affected vendor on: 2026-02-05, 52 days ago. The vendor is given until 2026-06-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

Киберэксперты обнаружили теневую империю прямо в вашем смартфоне.

National governments already run cybersecurity through a mix of ministries, regulators, law enforcement, and private operators that own most critical systems. In that environment, guidance circulating among policymakers outlines how national cybersecurity strategies increasingly tie together risk management, workforce planning, technology standards, and coordination across sectors. Across many countries, national cybersecurity strategies now function as organizing frameworks that link economic policy, national security, and digital services. The approach treats cybersecurity as a shared responsibility that … More →

The post Cybersecurity planning keeps moving toward whole-of-society models appeared first on Help Net Security.

Планета летит к чертям, поэтому Дубай нажал Ctrl+S.

Enterprise teams already run dozens of AI tools across daily work. Usage stretches from code generation and analytics to customer support drafting and internal research. Oversight remains uneven across roles, functions, and industries. A new Larridin survey of enterprise leaders places measurement and governance at the center of this operating environment. Executives frequently express confidence in their understanding of AI activity across the organization. Directors and managers closer to daily operations describe a different condition. … More →

The post Measuring AI use becomes a business requirement appeared first on Help Net Security.

<p>The Cheat Sheet section is for quick reference.The Learn section is for those who have never touched the topic before.The Implement section is for more detailed descriptions of each Cheat Sheet…</p>