Aggregator

Chinese-Linked Malware Campaign Targets Critical Environments With Weak Monitoring
U.S. and Canadian cyber authorities say Chinese state-backed actors used a backdoor dubbed BRICKSTORM to maintain long-term access into critical infrastructure, exploiting VMware environments to exfiltrate credentials and evade detection through encrypted covert channels.

Plan Aims to Modernize Workflow, Expand AI Use Across Agencies, Improve Cyber
The U.S. Department of Health and Human Services on Thursday unveiled "version 1" of a strategic plan to implement artificial intelligence as a "practical layer" across the department and its agencies aimed at helping to break down silos, improve collaboration and increase efficiencies.

Security Minister Dan Jarvis Endorses Security Researcher Protections
The U.K. government is considering amending its three-decade-old hacking law to include a "statutory defense" cover for security researchers. The announcement comes amid concerns that the law penalizes white hat hackers for essential security practices.

A high-severity vulnerability has been disclosed in Splunk affecting its Enterprise and Universal Forwarder products for Windows, stemming from incorrect file permissions during installation and upgrades. The vulnerability, tracked as CVE-2025-20386 for Splunk Enterprise and CVE-2025-20387 for Universal Forwarder. Allows non-administrator users to access sensitive installation directories and their contents, creating a pathway for privilege […]

The post Splunk Enterprise Vulnerabilities Allows Privileges Escalation Via Incorrect File Permissions appeared first on Cyber Security News.

SeedSnatcher represents a significant threat to cryptocurrency users worldwide. Packaged under the seemingly innocent name “Coin” and distributed through Telegram, this Android malware has emerged as a sophisticated tool designed specifically to steal digital wallet recovery codes and execute remote commands on infected devices. The malware, registered under the package name com.pureabuladon.auxes, operates as a […]

The post SEEDSNATCHER Android Malware Attacking Users to Exfiltrate Sensitive Data and Execute Malicious Commands appeared first on Cyber Security News.

Китайские кибершпионы годами скрытно сидели в критических сетях, используя новый опасный бэкдор Brickstorm.

Cybersecurity teams are starting to think about how large language model agents might interact at scale. A new paper from Cisco Research argues that the current network stack is not prepared for this shift. The work proposes two extra layers on top of the application transport layer to help agents communicate in a structured way and agree on shared meaning before they act. Traditional OSI stack and our proposed network stack for agentic applications. We … More →

The post Building the missing layers for an internet of agents appeared first on Help Net Security.

俄罗斯屏蔽了苹果 FaceTime 和游戏平台 Roblox。俄罗斯声称 FaceTime 被用于犯罪活动，而 Roblox 则被指控传播极端主义材料和 LGBT 宣传。在这之前，俄罗斯限制了 Google 的 YouTube、Meta 的 WhatsApp 以及 Telegram。批评人士认为此举相当于审查，旨在加强国家对私人通信的控制。俄罗斯则声称这些是合法的执法手段。俄罗斯通信监管机构 Roskomnadzor 援引执法机构的声明称，FaceTime 正被用于在俄罗斯境内组织和实施恐怖袭击、招募犯罪分子以及对俄罗斯公民实施欺诈和其它犯罪活动。但它并没有提供任何证据。

Netflix 目前在竞价收购 Warner Bros. Discovery 工作室和流媒体业务上处于领跑位置。Netflix 对华纳的工作室、HBO Max 等相关业务的估值为每股 28 美元。派拉蒙对华纳的报价是接近每股 27 美元。派拉蒙旨在收购华纳的全部资产，而 Netflix 和另一个竞价者 Comcast 只对其工作室和流媒体资产感兴趣。华纳旗下还有 CNN 等有线电视。彭博社称，华纳和 Netflix 已进入独家谈判阶段。派拉蒙的所有者埃里森家族（Larry Ellison）与美国总统特朗普关系密切，它宣称只有它的收购能通过政府的反垄断审查，其它公司的收购将会无法通过。

Почему энергия сохраняется, а протоны связаны с нейтронами? Ответ дала 150-летняя теория норвежского математика.

经国家计算机病毒应急处理中心检测，69款移动应用存在违法违规收集使用个人信息情况，现通报如下。

安卓内置杀毒模块Google Play Protect在部分设备上拦截了SmartTube，并向用户发出安全风险警示。

In this Help Net Security video, Lane Sullivan, SVP, CISO and Strategy Officer at Concentric AI, explains what security leaders should think about during mergers, acquisitions, and divestitures. Sullivan talks about the types of risk an acquiring company can take on, including cyber exposure, compliance duties, and past governance decisions. He outlines why data handling matters throughout the process, from deciding what should move to keeping records of how data was sent and received. The … More →

The post What security leaders should watch for when companies buy or sell a business appeared first on Help Net Security.

A CVSS score 7.8 AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2025-12-05, 44 days ago. The vendor is given until 2026-04-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by 'Marcin Wiazowski' was reported to the affected vendor on: 2025-12-05, 44 days ago. The vendor is given until 2026-04-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'George Karchemsky (@gkarchemsky)' was reported to the affected vendor on: 2025-12-05, 44 days ago. The vendor is given until 2026-04-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A command injection vulnerability in Array Networks AG Series secure access gateways has been exploited in the wild since August 2025, according to an alert issued by JPCERT/CC this week. The vulnerability, which does not have a CVE identifier, was addressed by the company on May 11, 2025. It's rooted in Array's DesktopDirect, a remote desktop access solution that allows users to securely access

Large amounts of personal information about medical professionals are available on people search sites. A new analysis by Incogni’s researchers shows how much data about doctors appears online and how easily it can be found. The findings should concern healthcare leaders who support staff safety, workforce protection, and clinical operations. Doctors have searchable profiles Researchers examined 786 medical doctors working in major U.S. hospitals. 97% of them appeared on at least one people search site. … More →

The post Data brokers are exposing medical professionals, and turning their personal lives into open files appeared first on Help Net Security.

Security researchers have uncovered a sophisticated Linux malware campaign that merges Mirai-derived DDoS botnet capabilities with a stealthy fileless cryptominer, representing a significant evolution in IoT and cloud-targeted threats. The malware, dubbed V3G4 by Cyble Research Intelligence Labs, employs a multi-stage infection chain designed to compromise Linux servers and IoT devices across multiple architectures while […]

The post New Stealthy Linux Malware Combines Mirai-Derived DDoS Botnet and Fileless Cryptominer appeared first on Cyber Security News.

微步通用规则3月已支持检测。