Aggregator

Renault and Dacia have become the latest big-name brands to suffer a supply chain breach

With the release of Kali Linux 2025.3, a major update introduces an innovative tool that combines artificial intelligence and cybersecurity: the Gemini Command-Line Interface (CLI). This new open-source package integrates Google’s powerful Gemini AI directly into the terminal, offering penetration testers and security professionals an intelligent assistant designed to streamline and automate complex security workflows. […]

The post Gemini CLI to Your Kali Linux Terminal To Automate Penetration Testing Tasks appeared first on Cyber Security News.

Kaspersky SIEM集成了一种机器学习模型，用于检测DLL劫持攻击。该模型通过检查系统中加载的所有DLL库，并结合Kaspersky安全网络的全球知识库进行验证，以提高检测准确性并减少误报。模型支持两种运行模式：在correlator上处理已触发规则的事件，在collector上处理所有相关事件。在试点测试中，该模型成功识别了多个真实攻击案例，包括利用DLL侧载技术的恶意活动。

文章探讨了DLL劫持攻击的现状及其检测挑战，并介绍了卡巴斯基使用机器学习模型检测此类攻击的方法。通过三代模型的训练与优化，检测准确率显著提升，误报率降低。这些模型已应用于内部系统及商业产品中，有效识别并阻止 DLL 劫持攻击。

在科技与软件开发中，失败常被归咎于执行问题，但实际可能是时机不对。团队常将“太早”误认为是“失败”。ISHIR的创新加速器通过验证问题、测试假设和快速原型设计帮助确定市场准备情况。成功需要正确的想法、客户和时间。

Даже инженеры компании признались, что порой им не по себе от возможностей новой модели.

A publicly available proof-of-concept (PoC) exploit has been released for CVE-2025-32463, a local privilege escalation (LPE) flaw in the Sudo utility that can grant root access under specific configurations.  Security researcher Rich Mirch is credited with identifying the weakness, while a functional PoC and usage guide have been published in an open GitHub repository, accelerating […]

The post PoC Exploit Released for Sudo Vulnerability that Enables Attackers to Gain Root Access appeared first on Cyber Security News.

Теперь придётся заклеивать не только веб-камеру, но и оптический сенсор мыши…

Threat actors exploited a Zimbra zero-day via malicious iCalendar (.ICS) files used to deliver attacks through calendar attachments. StrikeReady researchers discovered that threat actors exploited the vulnerability CVE-2025-27915 in Zimbra Collaboration Suite in zero-day attacks using malicious iCalendar (.ICS) files. These files, used to share calendar data, were weaponized to deliver JavaScript payloads to targeted […]

Zimbra Collaboration Suite存在零日漏洞CVE-2025-27915，攻击者利用恶意iCalendar文件发起攻击。该漏洞为存储型XSS，通过未正确清理HTML代码引发。攻击者利用事件执行JavaScript，窃取凭证、邮件数据并重定向邮件。研究人员发现攻击者使用多种技术隐藏行为，并将数据上传至特定服务器。此漏洞影响Zimbra 9.0至10.1版本。

A critical use-after-free vulnerability, identified as CVE-2025-49844, has been discovered in Redis servers, enabling authenticated attackers to achieve remote code execution. This high-severity flaw affects all versions of Redis that utilize the Lua scripting engine, presenting a significant threat to a wide range of deployments that rely on the popular in-memory data store. The core […]

The post Redis Server Vulnerability use-after-free Vulnerability Enables Remote Code Execution appeared first on Cyber Security News.

Modern ransomware operations have evolved far beyond simple opportunistic attacks into sophisticated, multi-stage campaigns that exploit legitimate Remote Access Tools (RATs) to maintain stealth and persistence while systematically dismantling organizational defenses. Ransomware is one of the most disruptive cyber threats, encrypting critical organizational data and demanding ransom payments for restoration. While early campaigns relied on […]

The post Ransomware Gangs Exploit Remote Access Tools to Stay Hidden and Maintain Control appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Как хакеры могут "прокачать" вашу любимую игру вирусом.

A sophisticated technique uncovered where threat actors abuse Amazon Web Services‘ X-Ray distributed tracing service to establish covert command and control (C2) communications, demonstrating how legitimate cloud infrastructure can be weaponized for malicious purposes. AWS X-Ray, designed to help developers analyze application performance through distributed tracing, has been repurposed by red team researchers into a […]

The post Hackers Weaponize AWS X-Ray Service to Work as Covert Command & Control Server appeared first on Cyber Security News.

习近平总书记提出，“要加强人工智能同保障和改善民生的结合，从保障和改善民生、为人民创造美好生活的需要出发，推动人工智能在人们日常工作、学习、生活中的深度运用，创造更加智能的工作方式和生活方式”。

《框架》2.0版在前一版本的基础上，梳理调整了风险分类，探索提出分级治理原则，强化全生命周期技术治理手段，标志着我国人工智能治理理念从“初步确立”迈向“体系升级”，为推动人工智能在安全可控前提下健康发展提供了制度保障和战略引领。

短信息服务与社会生产生活、人民群众切身利益息息相关，特别是随着经济社会的不断发展，短信息服务在电信、金融、互联网等领域发挥着越来越重要的作用。

Как ежедневные переписки с ИИ превращают пользователей в неисправимых нарциссов.

通过nmap扫描发现目标为Windows域控制器。利用LDAP枚举获取默认密码，并进行密码喷射攻击获取用户访问权。使用evil-winrm foothold后，利用SeBackupPrivilege提取系统文件并解密管理员哈希，最终获取root flag。

近期网络安全事件频发：网络犯罪分子针对幼儿园上传儿童照片勒索赎金并声称删除数据；Meta将利用用户与AI互动投放广告；老年Facebook用户被引导下载恶意应用；Google Gemini AI存在漏洞；Life360追踪器存安全隐患。