Aggregator

研究人员预测，全球每年消失的冰川数量将急剧上升，到本世纪中叶达到 2000-4000 座，具体取决于相较于工业化前水平的升温程度。研究者指出，如限制变暖在 1.5℃，到 2100 年，将比变暖 2.7℃ 的场景下冰川存续数量翻倍，并防止在 4.0℃ 升温下冰川近乎完全消失的局面。全球冰川正在急速消退，这一趋势与海平面上升有关。但单个冰川的消失也蕴含着文化、精神和经济影响。冰川在一些社区中有着文化和精神含义，每年吸引数百万游客，也是下游地区的重要水源。

Threat actors are exploiting two critical Fortinet flaws, tracked as CVE-2025-59718 and CVE-2025-59719, days after patch release, impacting multiple Fortinet products. Threat actors started exploiting two critical flaws, tracked as CVE-2025-59718 and CVE-2025-59719 (CVSS score of 9.1), in Fortinet products days after patch release, Arctic Wolf warns. Last week, Fortinet addressed 18 vulnerabilities, including the two flaws […]

Urban VPN在Chrome应用商店为高人气的VPN插件：4.7分的高分评价、超600万用户的安装量，甚至斩获谷歌官方“精选（Featured）”认证徽章，显眼的宣传语“保护你的在线身份，隐藏IP”，让无数用户将其视为网络安全的“守护者”。但光鲜背后，这款打着免费旗号的工具，早已沦为窃取用户隐私的“数据猎手”，所谓免费安全，从来都是最昂贵的陷阱。 从2025年7月9日上线的5.5.0版本开始，Urban VPN彻底撕下伪装，悄悄在代码中硬编码植入AI数据收割功能，毫无征兆地对用户展开隐秘监控。无论你日常使用的是ChatGPT、Claude、Gemini这类海外主流AI工具，还是Microsoft Copilot、DeepSeek、Perplexity等常用助手，只要浏览器安装了这款插件，一段预设的JavaScript脚本就会自动注入AI对话页面，全程无提示、无弹窗，用户毫无察觉。 这段恶意脚本极具侵略性，直接覆盖了浏览器核心的网络请求处理接口——fetch()与XMLHttpRequest()。这意味着，用户与AI的每一次互动数据，都会被提前“截胡”：你输入的每一句提示词、AI生成的每一段回复内容，甚至对话的精准时间戳、设备型号、浏览器版本等元数据，在发送至对应AI厂商服务器之前，都会先被Urban VPN打包加密，同步传输到其专属的analytics.urban-vpn[.]com等远程服务器中，形成完整的用户AI对话数据库，全程不留死角。 更令人不齿的是Urban VPN的“两面派”操作，堪称“贼喊捉贼”的典型案例。该插件专门推出一项名为“AI保护”的功能，大肆宣传其能实时监测用户输入内容，防范个人敏感信息（如手机号、邮箱、身份证号）意外泄露给AI工具，一旦检测到风险就会弹出警告提示，营造出“贴心守护隐私”的假象，实际上数据全部被传走。 这些被窃取的海量AI对话数据，最终流向了一条隐蔽的商业变现链条。Urban VPN的母公司是注册于美国特拉华州的Urban Cyber Security Inc.，而其实际控制方是知名广告情报BIScience，通过提取用户需求偏好、行业洞察、消费倾向等核心信息，加工成商业分析报告，高价出售给广告公司、市场调研机构、科技企业等，形成“窃取-加工-售卖”的完整商业闭环，用户的隐私秘密被明码标价，成为其盈利的工具。

Cybersecurity researchers have discovered a new malicious NuGet package that typosquats and impersonates the popular .NET tracing library and its author to sneak in a cryptocurrency wallet stealer. The malicious package, named "Tracer.Fody.NLog," remained on the repository for nearly six years. It was published by a user named "csnemess" on February 26, 2020. It masquerades as "Tracer.Fody,"

Британия хочет заставить Apple и Google блокировать обнажёнку на смартфонах по умолчанию.

CISA has issued an urgent warning regarding a critical zero-day vulnerability in Apple WebKit that is currently being actively exploited in attacks. CISA has added CVE-2025-43529 to its catalog of vulnerabilities requiring immediate attention, setting a strict deadline for organizations to implement protective measures. What Is the WebKit Vulnerability? The vulnerability, identified as a use-after-free flaw in […]

The post CISA Warns of Apple WebKit Vulnerability 0-Day Vulnerability Exploited in Attacks appeared first on Cyber Security News.

Petróleos de Venezuela (PDVSA), Venezuela's state-owned oil company, was hit by a cyberattack over the weekend that disrupted its export operations. [...]

Articles related to cyber risk quantification, cyber risk management, and cyber resilience.

The post Communicating AI Risk to the Board With Confidence | Kovrr appeared first on Security Boulevard.

Experts predict big changes are coming for IT infrastructure in 2026, driven by AI adoption, hybrid cloud strategies, and evolving security demands.

Обычные кубиты больше не справляются, им срочно нужен «старший брат».

Ransomware groups are targeting hypervisors to maximize impact, allowing a single breach to encrypt dozens of virtual machines at once. Drawing on real-world incident data, Huntress explains how attackers exploit visibility gaps at the hypervisor layer and outlines steps orgs can take to harden virtualization infrastructure. [...]

StackHawk is adding Business Logic Testing (BLT) to its AppSec offerings. StackHawk’s BLT automates the detection of critical authorization flaws that account for 34% of security breaches. Business logic flaws, such as broken object level authorization (BOLA) and broken function level authorization (BFLA), are top application security concerns that Stackhawk’s new BLT solution directly addresses. Identifying these flaws requires testing running applications with multiple users simultaneously, functionality that SAST and legacy DAST tools fundamentally lack. … More →

The post StackHawk adds Business Logic Testing (BLT) to its AppSec platform menu appeared first on Help Net Security.

2025 was a golden year for malware takedowns. We asked our friends from the band HUNTR/X to weigh in on some of the biggest hits.

Экономия колоссальная, а эффект превзошёл самые смелые ожидания.

Threat actors have been actively exploiting a critical path-traversal vulnerability in Fortinet’s FortiWeb web application firewall since early October 2025, allowing unauthenticated attackers to create rogue administrator accounts and gain full control of exposed devices. Researchers at watchTowr Labs first detailed the flaw on November 13, 2025, revealing a chain of path traversal and authentication bypass issues […]

The post Fortinet FortiWeb Vulnerability (CVE-2025-64446) Exploited in the Wild for Full Admin Takeover appeared first on Cyber Security News.

Direct navigation -- the act of visiting a website by manually typing a domain name in a web browser -- has never been riskier: A new study finds the vast majority of "parked" domains -- mostly expired or dormant domain names, or common misspellings of popular websites -- are now configured to redirect visitors to sites that foist scams and malware.

Over the past week, enterprise security teams observed a combination of covert malware communication attempts and aggressive probing of publicly exposed infrastructure. These incidents, detected across firewall and endpoint security layers, demonstrate how modern cyber attackers operate simultaneously. While quietly activating compromised internal systems, they also relentlessly scan external services for exploitable weaknesses. Although the

The post Real Attacks of the Week: How Spyware Beaconing and Exploit Probing Are Shaping Modern Intrusions appeared first on Seceon Inc.

The post Real Attacks of the Week: How Spyware Beaconing and Exploit Probing Are Shaping Modern Intrusions appeared first on Security Boulevard.

Консультировались с чат-ботом по медицинским вопросам? Ваш диагноз уже узнает весь Интернет!

Labeling adversary activity with ATT&CK techniques is a tried-and-true method for classifying behavior. But it rarely tells defenders how those behaviors are executed in real environments.

The post Extracting the How: Scaling Adversary Procedures Intelligence with AI appeared first on Security Boulevard.

伊朗APT33组织攻击样本分析