Aggregator

Nederland wil een bijdrage leveren aan veiligheid en stabiliteit in de Indo-Pacific. “Bij alle geopolitieke grimmigheid is het belangrijk de banden met ‘ongebonden’ India te versterken. Stabiliteit in de Indo-Pacific is verweven met onze handel en veiligheid.” Dat was de boodschap van minister van Defensie Ruben Brekelmans tijdens de Raisina Dialogue 2025 in India. Dit is een van de belangrijkste geopolitieke conferenties in de regio Azië en Oceanië. Brekelmans was er de afgelopen dagen.

A sophisticated cyberattack has been uncovered, targeting booking websites to spread the LummaStealer malware. This campaign leverages fake CAPTCHA prompts and social engineering techniques to deceive users into executing malicious commands on their systems. LummaStealer, an info-stealer malware operating under a Malware-as-a-Service (MaaS) model, has been gaining attention for its versatility and global reach. Infection […]

The post Advanced Cyber Attack Exploits Booking Websites to Deploy LummaStealer Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Google объяснила, почему Linux-VM теперь есть в Pixel.

Overview Recently, NSFOCUS CERT detected that Microsoft released a security announcement and fixed the spoofing vulnerability of Windows File Explorer (CVE-2025-24071), with a CVSS score of 7.5. Due to the implicit trust and automatic file parsing behavior of .library-ms files by Windows Explorer, unauthenticated attackers can save files by constructing RAR/ZIP with an embedded malicious […]

The post Windows File Explorer Spoofing Vulnerability (CVE-2025-24071) appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post Windows File Explorer Spoofing Vulnerability (CVE-2025-24071) appeared first on Security Boulevard.

Pebble 创始人 Eric Migicovsky 宣布推出两款运行 PebbleOS 的智能手表产品。他创办的 Pebble 公司被出售给 Fitbit 后关闭，而 Google 收购 Fitbit 后获得了 Pebble 的所有权。今年 1 月Google 宣布在 Apache License 2.0 下开源 Pebble 智能手表操作系统，而 Migicovsky 同一时间宣布将推出运行开源 PebbleOS 的新产品。两款新产品分别是：Core 2 Duo，售价 149 美元，今年 7 月上市；Core Time 2，售价 225 美元，12 月上市。因为新产品运行的是 PebbleOS，兼容于原来为 PebbleOS 开发的应用，因此能在新产品上使用的应用以及表盘数量将超过 1 万。Core 2 Duo 配备了 1.26 英寸的电子纸显示屏，电池使用时间将长达 30 天；Core Time 2 配备了更大的 1.5 英寸 64 色电子纸显示屏，电池使用时间 30 天（预估）。两款产品目前开放预购。

A critical vulnerability affecting Synology’s DiskStation Manager (DSM) has been disclosed, allowing remote attackers to execute arbitrary code on vulnerable systems. This severe issue, identified as CVE-2024-10441, has been reported in multiple DSM versions, including DSM 6.2, 7.1, 7.2, and 7.2.1, as well as Synology Unified Controller (DSMUC) version 3.1. The vulnerability is classified as […]

The post Critical Synology Vulnerability Allows Remote Attackers to Execute Arbitrary Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Rules File Backdoor компрометирует цепочки поставок без единого следа вторжения.

AMI BMC 存在严重漏洞，攻击者可远程绕过认证，完全控制服务器，可能导致恶意软件部署、固件篡改甚至硬件损坏。

CDN 和安全服务商 cloudflare 报告，密码重复使用攻击泛滥成灾。密码复用攻击指的是用户在一个网站使用的密码泄漏，攻击者利用窃取的密码尝试登陆该用户在其它网站上的账号。避免此类攻击的方法就是不要重复使用密码。cloudflare 的流量监测发现，2024 年 9 月至 11 月期间，在受 Cloudflare 保护的网站上，41% 的成功登录涉及到密码泄露。cloudflare 的数据显示，95% 涉及泄露密码的登录尝试来自机器人程序，表明它们是撞库攻击（或凭证填充攻击）行动的一部分。 WordPress、Joomla 和 Drupal 等流行 CMS 平台是主要攻击目标。其中 WordPress 份额最大，原因当然是它是最大的 CMS 平台。

软件供应链安全最被关心的20个问题

软件供应链安全最被关心的20个问题

软件供应链安全最被关心的20个问题

软件供应链安全最被关心的20个问题

软件供应链安全最被关心的20个问题

软件供应链安全最被关心的20个问题

软件供应链安全最被关心的20个问题

网络安全产品屡屡成为企业被黑入口

Agency Official Says Ex-DOGE Staffer's Data Breach Violated Security Policy
An ex-Department of Government Efficiency staffer violated Treasury rules by sending unencrypted personal data to two senior Trump administration officials without approval, raising concerns about the task force's apparent disregard for or lack of knowledge about critical data security policies.

3月26日晚19:00线上闭门会，提安全419好使！