Aggregator

Infostealers, AI, and a 90% Affiliate Cut Fuel The Gentlemen group’s Rise

Security Affairs
2 days 3 hours ago
The Gentlemen ransomware used infostealer credentials, AI tools, and affiliates to hit 483 victims across 66 countries in under a year. The Gentlemen surfaced as a ransomware operation in September 2025 and by June 13, 2026 had listed 483 victims on their dark-web leak site, 380 of them in 2026 alone. That makes them the […]
Pierluigi Paganini

人类管理推动水稻产量过去五十年翻倍

Solidot
2 days 4 hours ago
伊利诺伊大学厄巴纳-香槟分校科学家的一项最新研究表明,尽管气候变化带来重重挑战,但全球水稻产量在过去半个世纪依然几乎翻了一番。研究揭示,水稻增产的秘诀并非天公作美,而是人类的管理决策,比如扩大灌溉、增施养料,以及推行能有效提升单产的耕作方式,共同维持了水稻产量,并抵消了气候相关因素带来的损失。这表明,未来的粮食安全不仅取决于环境条件,更取决于人们如何管理和调整水稻生产系统,以适应不断变化的世界。研究揭示,气候变化是导致水稻减产的首要因素。在 2006-2015 年间,因气温升高、热害频发和水资源短缺,全球水稻产量估计减少了 7%。然而大气中二氧化碳浓度的升高也成了主要的增产推手,因为它能增强光合作用、提升水分利用效率。这些发现共同描绘了一幅复杂的图景:环境变化对农业生产的影响是多面的,甚至彼此对立。

Sniper Dz Scams Target MENA Users via Fake Facebook Offers and Browser Alerts

The Hackers News
2 days 4 hours ago
Cybersecurity researchers have disclosed details of fraudulent activity targeting users across the Middle East and North Africa by employing various fraudulent Facebook accounts impersonating politicians, public figures, and trusted organizations. "These accounts promoted fake offers, including free mobile internet packages, financial compensation, and government subsidy programs," Group-IB
The Hacker News

Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw

The Hackers News
2 days 4 hours ago
Palo Alto Networks has revealed that it has observed "active exploitation" of a recently disclosed PAN-OS vulnerability by an unknown threat actor to obtain unauthorized access to GlobalProtect portals. The vulnerability in question is CVE-2026-0257 (CVSS score: 7.8), an authentication bypass flaw affecting the portal and gateway components of PAN-OS software that could be exploited by bad
The Hacker News

内存成本占到了手机成本的五成以上

Solidot
2 days 4 hours ago
Nothing CEO 兼联合创始人 Carl Pei 说,如果你考虑升级手机,最佳时机是昨天。Carl Pei 称,内存短缺影响到了 Nothing 的中端手机。内存已成为智能手机最昂贵的组件,比处理器更贵,比显示屏更贵,可能占到硬件总成本的五成以上。以 Phone (4a)为例,自决定生产这款设备到它上市,内存成本翻了一番。此后又翻了一番。手机价格在上涨,明年还会继续涨。自 2 月以来,新上市手机比上一代产品贵了 100 美元。印度售价 3 万卢比以上的手机价格涨了 7000 卢比或更多。

Onspring CISO on where automated GRC systems fall short

Help Net Security
2 days 4 hours ago

In this interview with Help Net Security, Nichole Windholz, CISO at Onspring, talks about the limits of automated GRC systems and continuous control monitoring. She explains why color-coded dashboards can hide nuance, how teams can check the data feeding their tools, and which risks resist measurement, such as insider behavior and vendor concentration. Continuous control monitoring tools tend to produce a green-yellow-red mosaic that flattens nuance. When a CISO walks into a board meeting with … More →

The post Onspring CISO on where automated GRC systems fall short appeared first on Help Net Security.

Mirko Zorz

Open-source CI/CD abuse detector guards against stolen credential attacks

Help Net Security
2 days 5 hours ago

CI/CD Abuse Detector is an open-source project that uses a large language model to flag suspicious changes to continuous integration and continuous deployment pipelines, workflows, and automation configurations. The repository contains drop-in templates for GitHub Actions, GitLab CI, and Azure DevOps. The project targets a common attack chain in software supply chain compromises. Stolen developer credentials are used to push modifications to workflow files, which then harvest secrets stored in the CI environment. The detector … More →

The post Open-source CI/CD abuse detector guards against stolen credential attacks appeared first on Help Net Security.

Sinisa Markovic

Linux 7.1 释出

Solidot
2 days 5 hours ago
因所在时区差异 Linus Torvalds 在美国时间周日早晨释出了 Linux 7.1。主要新特性包括:移除了部分基于 486 的旧架构;龙芯加入高内存支持;因缺乏维护移除 RISC-V 立即执行支持;新 clone()flags 简化进程管理;io_uring 子系统加入 BPF 支持;ublk 用户空间块驱动支持零拷贝 I/O;sched_ext 初步支持子调度器(sub-scheduler);改进交换机制;完全重写 NTFS 实现,等等。

Managed ad