Aggregator

China’s Ink Dragon is using European government networks to hide its espionage activity

点击蓝字，关注+星标⭐精彩内容不迷路~尊敬的用户，您好！

Kerberos Overhaul Will Disable RC4 by Default in Windows
Microsoft will disable RC4 by default in Windows Kerberos, pushing organizations to uncover and eliminate longstanding cryptographic weaknesses hidden in legacy authentication systems - particularly within large domains where fallback to RC4 has quietly persisted for decades.

Cybercrime Gang Rhysida Still Lists the Practice on Its Leak Site Among Its Victims
A Kansas medical group will pay $1.2 million to settle proposed class action litigation involving an attack that compromised the sensitive data of nearly 256,000 individuals. The Rhysida ransomware operation claimed responsibility and said it stole 3 terabytes.

AI Is Now the Top Focus for Modernization to Relieve Budget, Staffing Pressures
According to the National Association of State CIOs, this year AI tech - including generative and agentic AI - is the top strategic initiative for state CIOs - marking an "unprecedented" shift in IT priorities, said NASCIO Executive Director Doug Robinson. In fact, AI first appeared on the organization's annual survey of state and territory CIOs just three years ago.

Secure-by-Design Startup Uses AI Agents to Safeguard Containers, VMs and Libraries
Cloud security startup Echo has closed a $35 million Series A funding round to boost development of its AI-native OS. The platform starts with secure container images and aims to extend to VMs and libraries, helping enterprises minimize risk from open-source software.

蓝箭航天本月初执行了朱雀三号火箭的首飞任务，火箭发射成功但回收失败。朱雀三号的外形模仿了 SpaceX 的 Falcon 9 火箭。SpaceX 正在开发它的新一代重型火箭 Starship，因此越来越多的中国火箭初创公司也在开发外形类似 Starship 的火箭，当然不太可能第一步就开发重型火箭，它们开发的是 Starship 的缩小版本。名叫上海大航跃迁的火箭公司宣布正在开发中大型可重复使用运载火箭，使用了类似 Starship 的用两根金属筷子夹住火箭的回收技术；北京宇石空间也表示在研发甲烷燃料火箭，使用类似夹火箭回收技术，它对于模仿 SpaceX 的火箭毫不掩饰，称其技术方案与马斯克的 SpaceX 公司完全一致；北京领航星箭公司将其正在研发的火箭命名为星舰一号。这些火箭初创企业能否成功研制出缩小版 Starship 还是未知之数。

美国政府正在填补美国网络司令部和国家安全局领导空缺

响应措施误伤用户，部分遭到屏蔽

Programmatic Tool Calling 将是智能体未来的架构分水岭

Визуально обнаружить ловушку было крайне сложно даже при ручной проверке.

Trellix announced Trellix NDR innovations, strengthening OT-IT security with integrated visibility across complex environments, enhanced detection capabilities, and automated investigation and response to reduce the threat detection-to-response gap. “We know cybercriminals are increasingly targeting the OT-IT boundary, where threats can hide in the absence of complete visibility,” said Rohit Unnikrishnan, SVP Product Management, Trellix. “To keep pace, organizations must prioritize proactive defense with enhanced perimeter visibility and enriched intelligence extending across environments for greater resilience … More →

The post Trellix advances NDR to close the OT-IT threat detection-to-response gap appeared first on Help Net Security.

A vulnerability was found in WebKitGTK and WPE WebKit up to 2.50.3 and classified as problematic. The impacted element is an unknown function of the component Web Handler. Executing manipulation can lead to type confusion. This vulnerability is registered as CVE-2025-43541. It is possible to launch the attack remotely. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability has been found in WebKitGTK and WPE WebKit up to 2.50.3 and classified as critical. The affected element is an unknown function of the component Web Handler. Performing manipulation results in use after free. This vulnerability is cataloged as CVE-2025-43536. It is possible to initiate the attack remotely. There is no exploit available. The affected component should be upgraded.

A vulnerability, which was classified as critical, was found in WebKitGTK and WPE WebKit up to 2.50.3. Impacted is an unknown function of the component Web Handler. Such manipulation leads to memory corruption. This vulnerability is listed as CVE-2025-43535. The attack may be performed from remote. There is no available exploit. You should upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in WebKitGTK and WPE WebKit up to 2.50.3. This issue affects some unknown processing of the component Web Handler. This manipulation causes race condition. This vulnerability is tracked as CVE-2025-43531. The attack is possible to be carried out remotely. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability classified as critical was found in WebKitGTK and WPE WebKit up to 2.50.3. This vulnerability affects unknown code of the component Web Handler. The manipulation results in buffer overflow. This vulnerability is identified as CVE-2025-43501. The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is advised.

XM Cyber announced an update to its platform that connects External Attack Surface Management with internal risk validation, closing the gap between what’s exposed outside and what exists inside. XM Cyber allows security teams to instantly see not just what is externally exposed, but also gain a strategic view on how external exposures chain together with internal, exploitable vulnerabilities to threaten critical business assets. These enhancements provide a seamless, end-to-end approach, using validated exploitable attack … More →

The post XM Cyber bridges external attack surface management with validated internal attack paths appeared first on Help Net Security.