Aggregator

只是受人之惠的部分示例，无法一一列举所有

Google announced that its protected Kernel-based Virtual Machine (pKVM) for Android has achieved SESIP Level 5 certification, the highest security assurance level for IoT and mobile platforms. [...]

The threat actor known as ShinyHunters has publicly disclosed what they claim is a covert seizure of BreachForums, a notorious online platform used for trading stolen data and discussing illicit hacking activities. According to ShinyHunters’ announcement, the forum’s core infrastructure, including its official Pretty Good Privacy (PGP) key used for cryptographic authentication and secure communications, […]

The post ShinyHunters Claims BreachForums Seized by Law Enforcement, Now a Honeypot appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Zero day—zero clue: Old, bug-prone app relies on you to go look for update files.

The post ANOTHER WinRAR 0-Day: Don’t Patch Now — Uninstall It! appeared first on Security Boulevard.

今日暂未更新资讯~
更多最新文章，请访问SecWiki

The hacker group behind the campaign used methods similar to those of the China-linked group Earth Baxia, known for targeting government agencies in the Asia-Pacific region.

德克萨斯大学奥斯汀分校科学家领衔的国际天文学家团队，利用詹姆斯·韦布空间望远镜，捕捉到宇宙大爆炸后仅 5 亿年就已存在的超大质量黑洞。它的质量相当于 3 亿个太阳的质量，刷新了迄今发现最古老黑洞纪录，为揭开宇宙黎明时期的奥秘打开了新窗口。研究团队发现星系 CAPERS-LRD-z9 呈现独特的“小红点”特征。这类诞生于宇宙婴儿期（前15亿年）的星系通常体积紧凑、色泽红艳且异常明亮。进一步研究发现，超大质量黑洞是 CAPERS-LRD-z9 星系中意外亮度的来源，且该黑洞的质量估计为太阳的 3 亿倍。该黑洞也是目前已确认的最遥远的黑洞。

More than 17,000 VMware ESXi installations worldwide are at risk from a severe integer-overflow vulnerability tracked as CVE-2025-41236 (CVSS 9.3), cybersecurity researchers warn. This critical vulnerability, first flagged in July, has prompted urgent calls for patching, but the latest scan results suggest progress remains slow, with thousands of systems still unpatched. Shadowserver Foundation, in partnership […]

The post 17,000+ VMware ESXi Servers Vulnerable to Critical Integer-Overflow Vulnerability appeared first on Cyber Security News.

The DEF CON Franklin project paired volunteer cybersecurity experts with water utilities in four states, hardening their systems against potential nation-state threats. The founders expect that the model can work on a larger scale.

A new technique has bypassed GPT-5’s safety systems via narrative-driven steering to elicit harmful output

PureRAT is a Remote Access Trojan, which can be used by an attacker to remotely control someone else's PC. PureRAT provides the following features to an attacker: See the victims user interfaceInteract with the victim PC using mouse and keyboardView the webcamListen to the microphoneRecord keystroke[...]

The post PureRAT = ResolverRAT = PureHVNC appeared first on Security Boulevard.

PureRAT is a Remote Access Trojan, which can be used by an attacker to remotely control someone else's PC. PureRAT provides the following features to an attacker: See the victims user interfaceInteract with the victim PC using mouse and keyboardView the webcamListen to the microphoneRecord keystroke[...]

Что ещё хакеры заберут у Сент-Пола.

Zoom has disclosed a critical vulnerability affecting multiple Windows-based clients, potentially allowing attackers to escalate privileges and compromise user systems. Designated as CVE-2025-49457 under bulletin ZSB-25030, this flaw carries a CVSS score of 9.6, classifying it as critical due to its high impact on confidentiality, integrity, and availability. The vulnerability stems from an untrusted search […]

The post Critical Zoom Clients for Windows Vulnerability Lets Attackers Escalate Privileges appeared first on Cyber Security News.

A new report from Bitdefender reveals the Russian-linked hacking group Curly COMrades is targeting Eastern Europe with a…

An unprecedented surge in brute-force attacks targeting Fortinet SSL VPN infrastructure, with over 780 unique IP addresses participating in coordinated assault campaigns.  The August 3rd attack represents the highest single-day volume recorded on GreyNoise’s Fortinet SSL VPN Bruteforcer tag in recent months, raising concerns about potential zero-day vulnerabilities and sophisticated threat actor operations. Key Takeaways1. […]

The post Hackers Attacking Fortinet SSL VPN Under Attack From 780 unique IPs appeared first on Cyber Security News.

Assisted Living Pharmacy Service LLC Falls Victim to Qilin Ransomware

IBM’s 2025 Cost of a Data Breach Report drives home that point: attackers today are often “logging in rather than hacking in".

The post IBM’s Cost of a Data Breach Report 2025 appeared first on Security Boulevard.

前美国国家安全局（NSA）局长、中央安全局局长和网战司令部司令、现 OpenAI 董事、退役陆军上将保罗·仲宗根（Paul Nakasone）在拉斯维加斯出席 Defcon 网络安全大会，与 Defcon 创始人 Jeff Moss 谈论了美国当前的政治气候。特朗普当局解雇了被认为不忠诚的网络安全官员，撤销了前 CISA 主任 Chris Krebs 和 Jen Easterly 的安全许可，仲宗根评论说，美国科技公司在 2025 和 2026 年试图保持中立将会非常非常困难。

Researchers just proved LLMs can autonomously plan and execute full-scale cyberattacks — turning AI from a tool into an active threat actor.

The post And Now, LLMs Don’t Need Human Intervention to Plan and Execute Large, Complex Attacks  appeared first on Security Boulevard.