Aggregator

Чехия обвиняет, Китай молчит, а APT31 продолжает работать, не отвлекаясь на прессу.

GreyNoise researchers warn of a new AyySSHush botnet compromised over 9,000 ASUS routers, adding a persistent SSH backdoor. GreyNoise discovered the AyySSHush botnet has hacked over 9,000 ASUS routers, adding a persistent SSH backdoor. “Using an AI powered network traffic analysis tool we built called SIFT, GreyNoise has caught multiple anomalous network payloads with zero-effort that […]

Логов нет, антивирус спит, но ты уже в ловушке.

A critical security flaw in Microsoft’s OneDrive File Picker has exposed millions of users to unauthorized data access, allowing third-party web applications to gain complete access to users’ entire OneDrive storage rather than just selected files.  Security researchers from Oasis Security reported on May 28, 2025, that this vulnerability stems from overly broad OAuth scopes […]

The post Microsoft OneDrive File Picker Vulnerability Exposes Users’ Entire Cloud Storage to Websites appeared first on Cyber Security News.

美国反情报帝国：看不见的战争如何重塑全球格局在这个信息爆炸的时代，一场看不见的战争正在全球范围内激烈进行。

火绒祝您平安喜乐，“粽”享安康~

恭喜你“粽”奖啦！（参与方式戳文了解哟）祝大家端午安康，“粽”享好时光~

WithSecure将此活动归因于UNC4696，这是一个之前与Nitrogen Loader活动有关的黑客组织。

At Span Cyber Security Arena, I sat down with Ria Shetty, Director, Cyber Security & Resilience for Europe at Mastercard. Our conversation cut through the hype and focused on what CISOs deal with every day: how to embed security into innovation, manage supply chain risk, and prepare both systems and people for the threats ahead. For Shetty, the idea that innovation competes with security is a false choice. “They go hand in hand,” she says. … More →

The post What CISOs can learn from the frontlines of fintech cybersecurity appeared first on Help Net Security.

Google on Wednesday disclosed that the Chinese state-sponsored threat actor known as APT41 leveraged a malware called TOUGHPROGRESS that uses Google Calendar for command-and-control (C2). The tech giant, which discovered the activity in late October 2024, said the malware was hosted on a compromised government website and was used to target multiple other government entities. "Misuse of cloud

Кто-то запустил процессы, которые не значатся в расписании, и теперь ваша сеть играет по чужим правилам.

彭博社报道，下一代苹果操作系统将用年份标识版本号，此举旨在保持品牌的一致性，因为现有苹果产品的操作系统所采用的版本号可能会让客户以及开发者感到困惑。举例来说，苹果现有的操作系统包括了 iOS 18、watchOS 12、macOS 15 和 visionOS 2，它们的版本号不同，因为不是在同一时间推出的。用年份标识版本号意味着 iOS 19 可能将是 iOS 26、iPadOS 26、macOS 26、watchOS 26、tvOS 26 和 visionOS 26。

为什么我们会遵守规则？传统经济学观点认为是外部激励。但欧洲多所大学的研究人员通过一系列实验挑战了这一观点。实验参与者逾 14,000 名，研究人员发现，人们遵守规则是因为他们认为这么做是正确的——即使打破规则会带来个人利益且不会对他人造成伤害。研究人员称，遵守规则是因为对规则的内在尊重和满足社会期望的渴望。在其中一项实验中，参与者处于匿名孤立的环境中，获得了一个极大诱惑的机会打破规则。虽然打破规则不会有任何代价，但结果显示 55%-70% 的人选择遵守规则。这表明有很大一部分人内化了遵守规则的责任感——研究人员称之为无条件遵守规则。进一步的实验测试了社会期望的力量，结果表明参与者期望他人遵守规则，并认为此类行为具有社会适宜性（socially appropriate）。

Скрипт уже вычистил конкурентов, настроил процессы и давно вышел в плюс.

Cybersecurity researchers have disclosed a critical unpatched security flaw impacting TI WooCommerce Wishlist plugin for WordPress that could be exploited by unauthenticated attackers to upload arbitrary files. TI WooCommerce Wishlist, which has over 100,000 active installations, is a tool to allow e-commerce site customers to save their favorite products for later and share the lists on social

Fraudsters are winning the AI arms race, first-party fraud is rising, and siloed systems are holding back defenses, according to DataVisor. Their 2025 Fraud & AML Executive Report, based on surveys of banks, fintechs, credit unions, and digital platforms, outlines clear signals for CISOs trying to build resilient, forward-looking strategies. Fraudsters have the upper hand The most urgent issue? Criminals are using AI better than most organizations. Three in four respondents said fraudsters currently have … More →

The post How CISOs can regain ground in the AI fraud war appeared first on Help Net Security.

A vulnerability classified as critical was found in itsourcecode Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=delete_member. The manipulation of the argument ID leads to sql injection. This vulnerability is known as CVE-2025-4359. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in itsourcecode Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /view_member.php. The manipulation of the argument ID leads to sql injection. This vulnerability is handled as CVE-2025-4360. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in itsourcecode Gym Management System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=save_membership. The manipulation of the argument member_id leads to sql injection. This vulnerability was named CVE-2025-4362. The attack can be initiated remotely. Furthermore, there is an exploit available.