Aggregator
Ransomware activity peaks outside business hours
Intrusions continue to center on credential access and timed execution outside standard business hours. The Sophos Active Adversary Report 2026 analyzes 661 incident response and managed detection and response cases handled between November 1, 2024 and October 31, 2025, spanning organizations in 70 countries. The dataset examines how attackers gain access, how quickly they reach key systems, and when ransomware and data theft occur. Identity-related root causes as a proportion of all cases covered in … More →
The post Ransomware activity peaks outside business hours appeared first on Help Net Security.
评论 | 拧紧直播食品“安全阀”
国际 | 英国《数据(使用与访问)法》的创新
关注 | 新一批重点防范境外恶意网址和恶意IP公布!
前沿 | 开源软件安全风险评估与治理路径探析
Ядро-малышка, магнитное поле-гигант — Луна ломала физику. Но титан разрушил 50 лет заблуждений
CVE-2026-21654 | Johnson Controls Frick Controls Quantum HD up to 10.22 os command injection (icsa-26-057-01)
CVE-2026-21657 | Johnson Controls Frick Controls Quantum HD up to 10.22 code injection (icsa-26-057-01)
CVE-2026-21656 | Johnson Controls Frick Controls Quantum HD up to 10.22 code injection (icsa-26-057-01)
CVE-2026-1627 | SICK LMS1000/MRS1000 up to 2.4.0 SSH Service risky encryption
CVE-2026-1626 | SICK LMS1000/MRS1000 up to 2.4.0 SSH Service risky encryption
CVE-2026-21658 | Johnson Controls Frick Controls Quantum HD up to 10.22 code injection (icsa-26-057-01)
Beyond the Search Bar: How the Agentic Threat Hunting Framework (ATHF) Makes Your Security Program AI-Ready
The Agentic Threat Hunting Framework (ATHF) is the memory and automation layer for your threat hunting program. It gives your
The post Beyond the Search Bar: How the Agentic Threat Hunting Framework (ATHF) Makes Your Security Program AI-Ready appeared first on Penetration Testing Tools.
人工智能发展存在四个风险趋势
Digital Deception: OpenAI Exposes “Operation Date Bait” and the Rise of AI-Powered Scams
Fraudsters, propagandists, and state security apparatuses are increasingly co-opting language models—eschewing benign amusement in favor of extorting wealth
The post Digital Deception: OpenAI Exposes “Operation Date Bait” and the Rise of AI-Powered Scams appeared first on Penetration Testing Tools.
The Illusion of Isolation: “AirSnitch” Researchers Reveal How to Hijack Wi-Fi Peers Across Any Network
For a long time, Wi-Fi with enabled client isolation was deemed a steadfast bastion against lateral network intrusions.
The post The Illusion of Isolation: “AirSnitch” Researchers Reveal How to Hijack Wi-Fi Peers Across Any Network appeared first on Penetration Testing Tools.
一文读懂 Agent Tools,拒绝复杂化、碎片化、黑盒化
The Patch Paradox: Claude Code Finds 500 Flaws, but Can the Open-Source World Survive the Noise?
Last week, Anthropic proudly unveiled its novel Claude Code Security feature—an instrument empowering security factions to unearth and
The post The Patch Paradox: Claude Code Finds 500 Flaws, but Can the Open-Source World Survive the Noise? appeared first on Penetration Testing Tools.