Aggregator

这一成果标志着 AI 驱动的主动防御新时代的开启

看雪论坛作者ID：0x指纹

快来预约直播~

Iranian state-backed Advanced Persistent Threat (APT) groups and their hacktivist allies have stepped up operations that could spark worldwide cyber retaliation in the wake of Israeli and American strikes on Iranian nuclear and military facilities in June 2025. While kinetic conflicts remain contained, the cyber domain has seen a surge in preparatory activities targeting U.S. […]

The post Iranian Threat Actors Use AI-Generated Emails to Target Cybersecurity Researchers and Academics appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

How Focused Skill Building Solves Real Problems in Cyber Roles
The pressure to grow doesn't come from curiosity alone. It comes from real friction in the systems you work with. That's why the smartest way to continue learning is not to try to master everything. Instead, focus on the next thing that will actually help you move forward in your role.

Experts Aim to Probe How AI Models Reason, and Why It Matters
AI researchers from OpenAI, Google DeepMind and Anthropic and others have urged deeper study into chain-of-thought monitoring, a technique to track how reasoning models arrive at answers. Their joint paper warns that transparency may erode if not prioritized.

5G OT Security Summit Speakers on Delicate Balance Between Innovation, Cyber Risk
Digital transformation - which now includes a convergence of cloud-based applications, AI and OT systems - introduces new threat vectors particularly as legacy systems struggle to adapt. Speakers at the 5G OT Security Summit discussed cyber defenses and policies and for securing OT systems.

67 Malicious Packages, XORIndex Loader Target JavaScript Code-Sharing Platform
North Korean threat actors escalated their software supply chain attacks by uploading 67 new malicious packages to the npm Registry as part of the ongoing Contagious Interview campaign. The malware targets open-source JavaScript developers with malware loaders.

Agency to Collaborate with External Experts on Vulnerability Research
The U.K. NCSC will collaborate with industry experts for vulnerability detection and mitigation as part of its latest Vulnerability Research Initiative. The announcement comes on the heels of funding concerns for the U.S. government-based Common Vulnerabilities and Exposures program.

在十年的里程碑上，雷神众测正式迈向全球化！！

报名倒计时10天！

Всё было по правилам, но правила были неправильными.

内有福利，再送40个账号注册码或300论坛币，吾爱破解论坛开放注册时间：2025年7月21日 12：00 -- 14：00 和 20：00 -- 22：00，赶紧上好闹钟顺便告诉小伙伴吧。

慢雾正式推出稳定币风险管理与反洗钱 / 反恐怖融资合规安全解决方案。

Cybercriminals are increasingly exploiting the Domain Name System (DNS) to bypass corporate security measures and steal sensitive data, according to new research from cybersecurity experts. This sophisticated technique, known as DNS tunneling, transforms the internet’s essential “phonebook” into a covert communication channel for malicious activities. DNS tunneling involves encoding data within DNS queries and responses, […]

The post Hackers Use DNS Queries to Evade Defenses and Exfiltrate Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

一年一度的“大考”火热进行中，攻防演练期间本公众号会每日更新当天鲜活情报和热点漏洞，欢迎大家对我们进行收藏和关注！

Over the years, the number of services we use has exploded, and so has the need to protect our credentials. Back in what I like to call “the age of innocence,” we scribbled passwords on paper or reused “password123” across five different accounts. Let’s be honest: those days are over. Whether we like it or not, password managers have become essential to good cybersecurity hygiene and one of the first lines of defense against unauthorized … More →

The post Review: Passwork 7.0, self-hosted password manager for business appeared first on Help Net Security.

AI智能体越来越多地被称为人工智能创新的“第三次浪潮”，也带来了复杂的治理问题和网络安全挑战。

AI 公司 Perplexity 与印度电信巨头巴帝电信（Bharti Airtel）合作，向其 3.6 亿用户免费提供 Pro 服务一整年，这是全球同类服务中规模最大的分销协议。Perplexity 的 Pro 服务年费为 200 美元，提供的先进模型包括了 GPT-4.1、Claude Sonnet 和 Opus 4，甚至还有 xAI 最新的 Grok 4。按移动用户使用量计算印度已成为 ChatGPT 最大的市场。