Aggregator
Domino Effect: How One Vendor's AI App Breach Toppled Giants
4 months 2 weeks ago
A single AI chatbot breach at Salesloft-Drift exposed data from 700+ companies, including security leaders. The attack shows how AI integrations expand risk, and why controls like IP allow-listing, token security, and monitoring are critical.
Fernando Tucci
This Is How Your LLM Gets Compromised
4 months 2 weeks ago
Poisoned data. Malicious LoRAs. Trojan model files. AI attacks are stealthier than ever—often invisible until it’s too late. Here’s how to catch them before they catch you.
Fernando Tucci
As Incidents Rise, Japanese Government's Cybersecurity Falls Short
4 months 2 weeks ago
The Japanese government suffered the most cybersecurity incidents in 2024 — 447, nearly double the previous year — while failing to manage 16% of critical systems.
Robert Lemos, Contributing Writer
派早报:大疆发布 Osmo Nano、尚界 H5 宣布上市等
4 months 2 weeks ago
大疆发布Osmo Nano穿戴相机,支持双面磁吸设计、10-bit色彩与4K/60fps视频录制;尚界H5上市,提供多种续航版本与智能驾驶功能;Google更新Play商店功能并上线相册对话式编辑;英特尔调整核显驱动支持策略;DeepSeek升级至V3.1版本;iQOO 15预热搭载多项新技术。
New Malware in npm Package Steals Browser Passwords Using Steganographic QR Code
4 months 2 weeks ago
A sophisticated malware campaign has emerged in the npm ecosystem, utilizing an innovative steganographic technique to conceal malicious code within QR codes. The malicious package, identified as “fezbox,” presents itself as a legitimate JavaScript/TypeScript utility library while secretly executing password-stealing operations through a cleverly disguised QR code payload. This attack represents a significant evolution in […]
The post New Malware in npm Package Steals Browser Passwords Using Steganographic QR Code appeared first on Cyber Security News.
Tushar Subhra Dutta
Zloader Malware Repurposed to Act as Entry Point Into Corporate Environments to Deploy Ransomware
4 months 2 weeks ago
Zloader, a sophisticated Zeus-based modular trojan that first emerged in 2015, has undergone a significant transformation from its original banking-focused operations to become a dangerous entry point for ransomware attacks in corporate environments. Originally designed to facilitate financial fraud, this malware family has evolved into a powerful tool for initial access brokers who specialize in […]
The post Zloader Malware Repurposed to Act as Entry Point Into Corporate Environments to Deploy Ransomware appeared first on Cyber Security News.
Tushar Subhra Dutta
HIBP Demo: Querying the API, and the Free Test Key!
4 months 2 weeks ago
One of the most common use cases for HIBP's API is querying by email address, and we support hundreds of millions of searches against this endpoint every month. Loads of organisations use this service to understand the exposure of their customers and provide them with better protection against
Troy Hunt
Daily Dose of Dark Web Informer - 23rd of September 2025
4 months 2 weeks ago
This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
Dark Web Informer
Threat Attack Daily - 23rd of September 2025
4 months 2 weeks ago
Threat Attack Daily - 23rd of September 2025
Dark Web Informer
Ransomware Attack Update for the 23rd of September 2025
4 months 2 weeks ago
Ransomware Attack Update for the 23rd of September 2025
Dark Web Informer
Boyd Gaming discloses data breach after suffering a cyberattack
4 months 2 weeks ago
US gaming and casino operator Boyd Gaming Corporation disclosed it suffered a breach after threat actors gained access to its systems and stole data, including employee information and data belonging to a limited number of other individuals. [...]
Lawrence Abrams
SDL 97/100问:关于白盒测试,应该知道哪些正确观念?
4 months 2 weeks ago
白盒测试在SDL中,建设优先级应该是属于较高的一类,也被大家广泛讨论。通过长期运营后,发现有以下特点:
1、检出常见漏洞产出高,但绝对不是万能的:在黑盒和人工测试的基础上更进一步,那就是白盒扫描效果最好、而且能够发现更多的漏洞,类型以文件操作、注入类、硬编码等为主,对于有安全函数处理、污点追踪数据流中断、业务逻辑类漏洞,目前基本是没办法直接检出的;
2、靠人工运营才能落地,不能买来开箱即用:白盒的一大缺点就是误报高,可能高到最开始时无法推动漏洞修复,需要投入专业人员运营、规则调优后才可能投入生产使用。
截止目前为止,还没有一款应用大模型的白盒工具能够全面 PK 商业产品,希望未来能够出现。
------------更多内容,请访问-------------
1、SDL 100问
SDL100问:我与SDL的故事
SAST误报太高,如何解决?
SDL需要哪些人参与?
大家都有哪些SDL运营指标?
业务系统是否可以带漏洞上线?
哪个厂商做SDL咨询服务和建设比较强?
如何推动业务方修复开源组件漏洞?
开发安全左移和右移,哪一个更好?
什么是ASTRIDE?
与外部厂商合作时,外发敏感数据有啥好方案?
针对开发安全管理的面试,一般都会问哪些问题?
针对有漏洞的代码,安全怎么不让发版?
SDL 96/100问:如何对软件项目安全性进行度量?
2、SDL创新实践
首发!“ 研发安全运营 ” 架构研究与实践
DevSecOps实施关键:研发安全团队
DevSecOps实施关键:研发安全流程
DevSecOps实施关键:研发安全规范
DevSecOps实施关键:研发安全工具
从安全视角,看研发安全
数字化转型下研发安全痛点
一个思考:安全测试驱动产品安全?
3、SDL最初实践
【SDL最初实践】开篇
【SDL最初实践】安全培训
【SDL最初实践】安全需求
【SDL最初实践】安全设计
【SDL最初实践】安全开发
【SDL最初实践】安全测试
【SDL最初实践】安全审核
【SDL最初实践】安全响应
4、安全运营实践
基于实践的安全事件简述
安全事件运营SOP:钓鱼邮件
安全事件运营SOP:网络攻击
安全事件运营SOP:蜜罐告警
安全事件运营SOP:webshell事件
安全事件运营SOP:接收漏洞事件
应急能力提升:实战应急困境与突破
应急能力提升:挖矿权限维持攻击模拟
JGroup
4 months 2 weeks ago
You must login to view this content
cohenido
Kairos
4 months 2 weeks ago
You must login to view this content
cohenido
Microsoft Fixed Entra ID Vulnerability Allowing Global Admin Impersonation
4 months 2 weeks ago
Microsoft patched an Entra ID vulnerability that let attackers impersonate Global Admins across tenants, risking full Microsoft 365 and Azure takeover.
Waqas
Researchers say media outlet targeting Moldova is a Russian cutout
4 months 2 weeks ago
REST Media has garnered millions of views on social media for its content targeting Moldova’s EU-friendly leadership. Researchers say it’s a pro-Kremlin operation.
The post Researchers say media outlet targeting Moldova is a Russian cutout appeared first on CyberScoop.
djohnson
Qilin
4 months 2 weeks ago
You must login to view this content
cohenido
Voluntarily Retirement Keeps Eluding Ransomware Attackers
4 months 2 weeks ago
What's Left After Raking In Millions From Other People's Blood, Sweat and Tears?
Things that continue to elude scientific observation: the Loch Ness Monster, Bigfoot and the ransomware hacker who voluntarily chose retirement. "There's no such thing as 'retirement' in cybercrime," despite some ransomware hackers dangling promises to leave the field.
Things that continue to elude scientific observation: the Loch Ness Monster, Bigfoot and the ransomware hacker who voluntarily chose retirement. "There's no such thing as 'retirement' in cybercrime," despite some ransomware hackers dangling promises to leave the field.
AI 'Gold Rush' Demands Calculated Security Approaches
4 months 2 weeks ago
Cloudflare's Christian Reilly on Practical AI Security, Extreme AI Implementation
Christian Reilly, field CTO at Cloudflare, shares how organizations can harness artificial intelligence technology while maintaining security. He warns against extreme AI approaches and emphasizes practical security measures for enterprise adoption.
Christian Reilly, field CTO at Cloudflare, shares how organizations can harness artificial intelligence technology while maintaining security. He warns against extreme AI approaches and emphasizes practical security measures for enterprise adoption.