Aggregator

Защитные системы бессильны против динамически генерируемых страниц авторизации.

Новый алгоритм разбивает пользователей на группы по степени зрелости — и это неутешительно.

Artificial intelligence has dramatically transformed the cybersecurity landscape, with red team activities increasingly leveraging sophisticated AI-driven techniques to simulate advanced persistent threats. These AI-enhanced red teams can now automate the process of penetrating targets and collecting sensitive data at unprecedented speeds. The evolution of machine learning, deep learning, and large language models has opened new […]

The post Red Team Activities Turns More Sophisticated With The Progress of Artificial Intelligence appeared first on Cyber Security News.

Canonical рассказала, как -O3 портит запуск программ и раздувает систему.

褪去工牌的人生，仍有相同的识别码

褪去工牌的人生，仍有相同的识别码

褪去工牌的人生，仍有相同的识别码

褪去工牌的人生，仍有相同的识别码

褪去工牌的人生，仍有相同的识别码

From WannaCry to the MGM Resorts Hack, ransomware remains one of the most damaging cyberthreats to plague enterprises. Chainalysis estimates that corporations spend nearly $1 billion dollars on ransom each year, but the greater cost often comes from the reputational damage and operational disruption caused by the attack. Ransomware attacks typically involve tricking victims into […]

The post SquareX Discloses Browser-Native Ransomware that Puts Millions at Risk appeared first on Cyber Security News.

Мир, где каждый клик раскрывает кусочек твоей жизни.

A sophisticated phishing operation has emerged that creatively leverages DNS mail exchange (MX) records to dynamically serve fake login pages tailored to victims’ email providers. The attack can mimic over 100 brands and represents a significant evolution in phishing techniques, creating highly convincing impersonations that are difficult for users to distinguish from legitimate login pages. […]

The post Hackers Leveraging DNS MX Records To Dynamically Create Fake Logins Mimic as 100+ Brands appeared first on Cyber Security News.

Researchers has identified a novel mobile banking Trojan, designated “Crocodilus,” marking a significant advancement in the evolution of Android-targeted malware. Unlike predecessors such as Anatsa, Octo, and Hook, which incrementally refined their capabilities, Crocodilus emerges as a fully mature threat, integrating sophisticated features including overlay attacks, accessibility-based data harvesting, remote access trojan (RAT) functionality, and […]

The post Crocodilus – A New Android Malware Remotely Control Your Android Devices appeared first on Cyber Security News.

Disney’s latest release, Snow White (2025), has turned into a cybersecurity crisis for unsuspecting users. With a disappointing IMDb rating of 1.6/10 and lackluster box office results, the film’s absence from Disney+ has led many to search for pirated versions online.  Cybercriminals have seized this opportunity to launch a sophisticated malware campaign targeting torrent users. […]

The post Fake Snow White Movie Attacking Viewers Device With New Malware appeared first on Cyber Security News.

A vulnerability was found in Linux Kernel up to 6.6.65/6.12.4. It has been classified as critical. This affects an unknown part of the component nft_inner. The manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2024-56638. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.12.3. Affected by this vulnerability is the function kunit_device_driver_test. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-56773. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.9/6.13-rc6. It has been rated as critical. Affected by this issue is the function xe_gt_tlb_invalidation_init of the component drm. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2025-21644. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.9. It has been declared as problematic. Affected by this vulnerability is the function napi_by_id. The manipulation leads to privilege escalation. This vulnerability is known as CVE-2025-21659. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.12.8. This vulnerability affects unknown code of the component fgraph. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2024-57934. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.3. It has been rated as problematic. Affected by this issue is the function drain_vmap_area_work. The manipulation leads to allocation of resources. This vulnerability is handled as CVE-2024-56559. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.