Aggregator

Он 16 лет ждёт уязвимость в своём коде, но готов доверить свои серверы новому компилятору.

An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q2 2025 and Q3 2025

Google warns of “just-in-time AI” malware using LLMs to evade detection and generate malicious code on-demand

Curly COMrades threat actors exploit Windows Hyper-V to hide Linux VMs, evade EDR tools, and deploy custom malware undetected. Bitdefender researchers, aided by Georgia’s CERT, uncovered that Curly COMrades, a group linked to Russian interests, abused Windows Hyper-V to gain covert, long-term access to victims. Threat actors created hidden Alpine Linux VMs (120MB/256MB) hosting custom […]

Оглашено решение по делу транснациональной ОПГ, действовавшей из Мьянмы под прикрытием «легального бизнеса».

The Django development team has released critical security patches addressing two significant vulnerabilities that could expose applications to denial-of-service attacks and SQL injection exploits. The security releases for Django 5.2.8, 5.1.14, and 4.2.26 were published on November 5, 2025, in accordance with Django’s standard security release policy. The two disclosed vulnerabilities pose different levels of […]

The post Multiple Django Flaws Could Allow SQL Injection and Denial-of-Service Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

根据发表在《Nature Astronomy》期间上的一项研究，当黑洞吞噬一颗质量至少为太阳 30 倍的恒星时，天文学家探测到了有史以来黑洞中最明亮的光爆发——其峰值亮度比太阳光高 10 万亿倍以上。当 2018年 天文学家第一次观测到这个天体时，他们并未意识到这是一个超级耀斑。在注意到天体亮度增强后，研究人员立即用帕罗玛山天文台的 200 英寸海耳望远镜瞄准了它。2023 年研究团队注意到，即使在 5 年后，这个耀斑仍然异常明亮。因此他们利用夏威夷凯克天文台进行了更深入的观测，结果显示，该天体距离地球约 300万千秒差距，即 100 亿光年。能在如此遥远的距离上看起来如此明亮，其发出的光必定是极其耀眼的。天文学家现在表示，这个耀斑的亮度是此前探测到的任何一次黑洞光爆发的 30 倍。研究人员认为合理的解释是，一颗大质量恒星在离黑洞过近时遭遇了厄运。当黑洞的引力将撕碎恒星时，它发出的光比之前要亮数十倍。他们还认为，由于耀斑还没有完全消失，这颗恒星可能还没有被黑洞完全吞噬。

Activate Consulting 的调查显示，43% 的 Z 世代偏爱 YouTube 和 TikTok 而不是传统电视或付费流媒体。全球媒体收入大幅增长，而传统电视收视率则在暴跌，每个人在各个平台上消费内容的时间平均超过 13 个小时，而多任务处理让人人过着“一天 32 小时”的生活。调查还显示，时长 1-2 分钟的微短剧正在快速流行，2800 万美国成年人（52% 年龄在 18-34 岁之间）在消费这种新娱乐形式。调查预计到 2029 年全球互联网和媒体收入将增加 3880 亿美元，人们每天看流媒体视频的时长将增至 4 小时 8 分钟，观看传统电视的时长将降至 1 小时 17 分钟。流媒体收入（包括广告和订阅）将每年增长 18-19%，而传统电视收入将每年下降 4-6%。

Мошенники разыграли встречу для TikTok-стиля, но на самом деле охотились за цифровыми активами.

1touch.io unveils Kontxtual, an AI-driven data platform engineered for the AI era. Built to accelerate enterprise innovation without compromising control, Kontxtual harnesses the power of AI and LLMs to deliver real-time data, identity, usage, and risk insights, assuring sovereignty and security throughout the entire AI lifecycle. It enables rapid deployment and integration across any environment, cloud, on-premises, or mainframe. Tailored for today’s data security, privacy, and AI governance challenges, the platform unifies data classification, DSPM, … More →

The post 1touch.io Kontxtual provides LLM-driven control over sensitive data appeared first on Help Net Security.

Europe will likely face a combination of heightened cyber-physical attacks and information operations coming from nation-state groups in 2026

Static security tuning creates dangerous blind spots that attackers exploit. Learn how dynamic context awareness transforms security operations by reducing false positives, preserving signal fidelity, and eliminating the hidden risks of over-tuning detection systems.

The post Swiss Cheese Security: How Detection Tuning Creates Vulnerabilities  appeared first on Security Boulevard.

A vulnerability, which was classified as critical, was found in Broadcom RAID Controller. This issue affects some unknown processing of the component Web Interface. Executing manipulation can lead to improper authentication. The identification of this vulnerability is CVE-2023-4334. The attack needs to be done within the local network. There is no exploit available.

A vulnerability has been found in Broadcom RAID Controller and classified as problematic. Impacted is an unknown function of the component Web Interface. The manipulation leads to sensitive cookie without secure attribute. This vulnerability is referenced as CVE-2023-4336. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability was found in Broadcom RAID Controller and classified as problematic. The affected element is an unknown function of the component Web Interface. The manipulation results in manage user sessions. This vulnerability is identified as CVE-2023-4337. The attack can only be performed from the local network. There is not any exploit available.

A vulnerability classified as problematic has been found in Broadcom RAID Controller on Windows. This issue affects some unknown processing of the component Web Interface. Performing manipulation results in information disclosure. This vulnerability is known as CVE-2023-4333. Attacking locally is a requirement. No exploit is available.

A vulnerability classified as problematic has been found in Cacti 1.2.21. This issue affects some unknown processing of the file graphs_new.php of the component HTTP POST Request Handler. Performing manipulation results in cross site scripting. This vulnerability is reported as CVE-2022-41444. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability was found in ImageMagick 6.9.11-22/7.0.10-45. It has been rated as problematic. Affected is an unknown function of the component Identify Help Command Handler. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2022-48541. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability described as problematic has been identified in GitLab. This affects an unknown part of the component LF Character Handler. Executing manipulation can lead to improper neutralization of special elements. This vulnerability is handled as CVE-2023-4522. The attack can be executed remotely. There is not any exploit available.

A vulnerability categorized as critical has been discovered in Tenda N300 Wireless N VDSL2 Modem Router. The affected element is an unknown function. The manipulation results in authentication bypass by primary weakness. This vulnerability was named CVE-2023-4498. The attack may be performed from remote. There is no available exploit.