Aggregator

Как хакеры внедрили троян PlugX под видом документов НАТО.

MSPs are facing rising client expectations for strong cybersecurity and compliance outcomes, while threats grow more complex and regulatory demands evolve. Meanwhile, clients are increasingly seeking comprehensive protection without taking on the burden of managing security themselves. This shift represents a major growth opportunity. By delivering advanced cybersecurity and compliance

A China-linked hacking group is exploiting a Windows zero-day in attacks targeting European diplomats in Hungary, Belgium, and other European nations. [...]

A vulnerability, which was classified as problematic, was found in neo4j Community Edition and Enterprise Edition up to 5.26.14/2025.10.0. The impacted element is an unknown function of the component Bolt Protocol Handshake Handler. Executing manipulation can lead to sensitive information in resource not removed before reuse. This vulnerability is handled as CVE-2025-11602. The attack can be executed remotely. There is not any exploit available. You should upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in SonicWall SMA100. The affected element is an unknown function. Performing manipulation results in sensitive information in log files. This vulnerability is known as CVE-2025-40603. Remote exploitation of the attack is possible. No exploit is available.

关键词数据泄露日本零售业再度成为国际网络犯罪组织的目标。

关键词勒索软件Akira 勒索软件组织近日声称已成功入侵 Apache OpenOffice 并窃取了 23G

关键词安全漏洞安全研究员 Jose Pino（社交账号 jofpin）披露了一枚影响 Chromium 渲染引

关键词网络安全2025年10月30日，四川省炉霍县人力资源和社会保障局发布紧急通知，称其单位办公电脑在集中办公

Неужели китайские хакеры Salt Typhoon вернулись?

At this very moment, nation-state actors and opportunistic criminals are looking for any way to target Americans and undermine our national security.  Their battlefield of choice is cyberspace. Cybersecurity is the preeminent challenge of our time, and threats to our networks impact far more than just our data––they impact the resilience of our communities, the […]

The post Government and industry must work together to secure America’s cyber future appeared first on CyberScoop.

In mid-2025, Secureworks Counter Threat Unit (CTU) researchers uncovered a sophisticated cyber campaign where Chinese state-sponsored threat actors from the BRONZE BUTLER group exploited a critical zero-day vulnerability in Motex LANSCOPE Endpoint Manager to gain unauthorized access to corporate networks and extract sensitive data. The discovery marks another chapter in a long-running pattern of exploitation […]

The post Threat Actors Exploit LANSCOPE Endpoint Manager Zero-Day Vulnerability to Steal Confidential Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A massive 4TB SQL Server backup file belonging to global accounting giant Ernst & Young (EY) was discovered publicly accessible on Microsoft Azure. Cybersecurity firm Neo Security discovered a 4TB SQL Server backup belonging to accounting giant Ernst & Young (EY) publicly accessible on Microsoft Azure during a routine scan. Neo Security’s lead researcher identified a […]

本文提出了一种基于功能性变更的版本识别方法，并在五个具有大量漏洞的知名远程软件系统上实现了原型框架VersionSeek。

Clearview AI faces a criminal complaint in Austria for allegedly ignoring EU data protection rulings

Сталь ЭП302М-Ш. Что это за материал и почему от него зависит будущее российской атомной энергетики.

黑客激进分子正在持续入侵

A new wave of cyber threats is emerging as criminals increasingly weaponize AdaptixC2, a free and open-source Command and Control framework originally designed for legitimate penetration testing and red team operations. Security researchers have uncovered a disturbing trend where advanced threat actors deploy this extensible post-exploitation tool across global ransomware campaigns, transforming a utility meant […]

The post Threat Actors Actively Using Open-Source C2 Framework to Deliver Malicious Payloads appeared first on Cyber Security News.