Aggregator

企业级 Agent 安全构建指南

A new and more dangerous version of the NGate malware has been found hiding inside a trojanized NFC payment application. This time, threat actors appear to have used artificial intelligence to help write the malicious code, which marks a significant shift in how cybercriminals are building attack tools today. The malware targets Android users by […]

The post New NGate Malware Developed Using AI Hides in NFC Payment Apps appeared first on Cyber Security News.

A vulnerability categorized as critical has been discovered in ImageMagick up to 6.9.13-39/7.1.2-14. The affected element is an unknown function of the component Image Parser. Such manipulation leads to improper access controls. This vulnerability is traded as CVE-2026-25966. The attack may be launched remotely. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability identified as critical has been detected in ImageMagick up to 7.1.2-14. The impacted element is an unknown function of the component FTXT Image Parser. Performing a manipulation results in stack-based buffer overflow. This vulnerability is known as CVE-2026-25967. Remote exploitation of the attack is possible. No exploit is available. You should upgrade the affected component.

A vulnerability labeled as critical has been found in ImageMagick up to 6.9.13-39/7.1.2-14. This affects an unknown function of the file msl.c of the component Image Parser. Executing a manipulation can lead to stack-based buffer overflow. This vulnerability is handled as CVE-2026-25968. The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.

A vulnerability was found in ImageMagick up to 6.9.13-39/7.1.2-14. It has been rated as critical. Affected is the function GetPixelIndex of the component UIL/XPM. Performing a manipulation results in out-of-bounds read. This vulnerability is known as CVE-2026-25898. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is advised.

A vulnerability has been found in ImageMagick up to 6.9.13-39/7.1.2-14 and classified as critical. The impacted element is an unknown function of the component Image Parser. This manipulation causes file inclusion. This vulnerability is tracked as CVE-2026-25965. The attack is possible to be carried out remotely. No exploit exists. The affected component should be upgraded.

A vulnerability was found in ImageMagick up to 6.9.13-39/7.1.2-14 on 32-bit. It has been rated as critical. Impacted is an unknown function of the component Sun Decoder. This manipulation causes heap-based buffer overflow. This vulnerability appears as CVE-2026-25897. The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is advised.

Seceon earns a 4.6 out of 5.0 overall rating from 82 verified customer reviews, with 90% of reviewers willing to recommend the platform, reflecting strong real-world satisfaction across the global services and financial sectors WESTFORD, Mass., April 21, 2026 /PRNewswire/ — Seceon Inc., a leading provider of AI-driven cybersecurity solutions for enterprises and managed security service providers (MSSPs),

The post Seceon Recognized in the 2026 Gartner® “Voice of the Customer” Report for Security Information and Event Management appeared first on Seceon Inc.

The post Seceon Recognized in the 2026 Gartner® “Voice of the Customer” Report for Security Information and Event Management appeared first on Security Boulevard.

A new and sophisticated malware campaign has been discovered, using a remote access trojan (RAT) called PureRAT to silently compromise Windows systems. What makes this campaign stand out is how cleverly it hides malicious code inside ordinary-looking PNG image files. Once the infection takes hold, the malware runs entirely in memory, leaving almost no traces […]

The post New PureRAT Campaign Hides PE Payloads in PNG Files and Executes Them Filelessly appeared first on Cyber Security News.

A vulnerability labeled as critical has been found in Google Chrome. Impacted is an unknown function of the component PDFium. The manipulation results in heap-based buffer overflow. This vulnerability is known as CVE-2026-6306. It is possible to launch the attack remotely. No exploit is available. The affected component should be upgraded.

A vulnerability classified as problematic was found in Google Chrome. This impacts an unknown function of the component Media. Executing a manipulation can lead to out-of-bounds read. The identification of this vulnerability is CVE-2026-6308. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is advised.

A vulnerability, which was classified as critical, has been found in Google Chrome. Affected is an unknown function of the component Turbofan. The manipulation leads to type confusion. This vulnerability is referenced as CVE-2026-6307. Remote exploitation of the attack is possible. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability identified as critical has been detected in Google Chrome. This issue affects some unknown processing of the component Graphite. The manipulation leads to use after free. This vulnerability is traded as CVE-2026-6304. It is possible to initiate the attack remotely. There is no exploit available. You should upgrade the affected component.

A vulnerability described as critical has been identified in Google Chrome. The impacted element is an unknown function of the component PDFium. Such manipulation leads to heap-based buffer overflow. This vulnerability is uniquely identified as CVE-2026-6305. The attack can be launched remotely. No exploit exists. Upgrading the affected component is recommended.

Один сбой на тысячу беременностей — и нервная трубка не закроется…

帝国终将陨落，创意软件行业如今一致认为 Adobe 结束的时代即将到来，它们纷纷以免费或更低的价格提供与 Adobe 竞争的产品——Adobe 的创意软件过去几十年一直被视为行业标准。Cinema 4D 开发商 Maxon 在收购 Autograph 之后向个人用户提供了免费版本，Autograph 是类似 Adobe After Effects 的 动态图形设计软件，此前的永久授权费用高达 1795 美元；Canva 在收购 Affinity 之后将功能上类似 Adobe Illustrator、Photoshop 和 InDesign 的软件 Affinity Designer 2、Affinity Photo 2 和 Affinity Publisher 2 免费提供给用户，它在收购 Cavalry 之后也将其免费，Cavalry 类似 After Effects；苹果于今年 1 月推出了 Creator Studio 套件，包含了 Final Cut Pro、Logic Pro、Pixelmator Pro、Motion、Compressor 和 MainStage 等创意软件，月订费 12.99 美元，相比下 Adob​​e的 Creative Cloud Pro 每月订阅费用 69.99 美元，苹果没有强制用户订阅，用户仍可购买单个应用的单次授权。

The prompt-injection vulnerability in the agentic AI product for filesystem operations was a sanitization issue that allowed for sandbox escape and arbitrary code execution.

A vulnerability was found in Google Chrome. It has been declared as critical. Affected by this issue is some unknown functionality of the component Video. Such manipulation leads to use after free. This vulnerability is documented as CVE-2026-6302. The attack can be executed remotely. There is not any exploit available. It is recommended to upgrade the affected component.