Aggregator

Новый ИИ-инструмент Google DeepMind может убить рынок малого и среднего дизайна.

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

• CVE-2025-24893 XWiki Platform Eval Injection Vulnerability
• CVE-2025-41244 Broadcom VMware Aria Operations and VMware Tools Privilege Defined with Unsafe Actions Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.   

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. 

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. 

Today, CISA, in partnership with the National Security Agency and international cybersecurity partners, released Microsoft Exchange Server Security Best Practices, a guide to help network defenders harden on-premises Exchange servers against exploitation by malicious actors.

Threat activity targeting Exchange continues to persist, and organizations with unprotected or misconfigured Exchange servers remain at high risk of compromise. 

Best practices in this guide focus on hardening user authentication and access, ensuring strong network encryption, and minimizing application attack surfaces. CISA recommends organizations also decommission any remaining end-of-life on-premises or hybrid Exchange servers after transitioning to Microsoft 365, as retaining the “last Exchange server” can expose organizations to ongoing exploitation activity. 

CISA recommends organizations implement Microsoft Exchange Server Best Practices and take steps to decommission end-of-life on-premises Exchange servers in hybrid environments to significantly reduce their risk from cyber threats. 

CISA released two Industrial Control Systems (ICS). These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. 

• ICSA-25-303-01 International Standards Organization ISO 15118-2
• ICSA-25-303-02 Hitachi Energy TropOS 

CISA encourages users and administrators to review newly released ICS Advisories for technical details and mitigations.

活动时间10.30～11.11，3倍奖励！ 转发文章可参与抽奖～

Security doesn’t fail at the point of breach. It fails at the point of impact.  That line set the tone for this year’s Picus Breach and Simulation (BAS) Summit, where researchers, practitioners, and CISOs all echoed the same theme: cyber defense is no longer about prediction. It's about proof. When a new exploit drops, scanners scour the internet in minutes. Once attackers gain a foothold,

Silent Push wars of Russian hackers exploiting Adaptix, a pentesting tool built for Windows, Linux, and macOS, in ransomware campaigns.

Microsoft 365 companion apps will be getting more Copilot features in the coming weeks. [...]

Linux станет доминирующей игровой платформой?

A sophisticated cybercrime campaign leveraging Near Field Communication technology has exploded across multiple continents, with researchers at zLabs identifying over 760 malicious Android applications designed to steal banking credentials and facilitate fraudulent transactions. What initially appeared as isolated incidents in April 2024 has evolved into a large-scale threat operation targeting financial institutions across Russia, Poland, […]

The post NFC Relay Attack: 700+ Android Apps Harvest Banking Login Details appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

关键词恶意软件近期，移动安全公司 Zimperium 发布的调查显示，一种针对 Android 用户的高速增长

关键词网络攻击概览2025 年 6 月至 8 月，乌克兰政府及关键基础设施持续受到俄罗斯支持的高级网络威胁组织

关键词安全漏洞近日，来自南亚的网络间谍组织 Bitter（APT-Q-37）被曝出针对高价值目标发起了一系列新

关键词Microsoft当地时间 10 月 29 日中午，微软在例行配置更改过程中发生错误，引发全球性云平台中

A new dark web analysis reveals more than 300 million records have been breached in 2025 to date

A sophisticated malware campaign targeting developers has been operating since August 2025, deploying 126 malicious npm packages that have collectively accumulated over 86,000 downloads. The attack, now identified as PhantomRaven, has been actively harvesting npm authentication tokens, GitHub credentials, and CI/CD pipeline secrets from developers across the globe while employing advanced detection evasion techniques that […]

The post PhantomRaven Attack Involves 126 Malicious npm Packages with Over 86,000 Downloads Hiding Malicious Code appeared first on Cyber Security News.

Как ферментация внутри животного создаёт вкус, который покоряет гурманов и пугает скептиков.

The comfort zone in cybersecurity is gone. Attackers are scaling down, focusing tighter, and squeezing more value from fewer, high-impact targets. At the same time, defenders face growing blind spots — from spoofed messages to large-scale social engineering. This week’s findings show how that shrinking margin of safety is redrawing the threat landscape. Here’s what’s making headlines.

Former US defense contractor exec Peter Williams pled guilty to stealing trade secrets and selling cyber exploits to a Russian broker, per the US DOJ. Ex-US defense contractor Peter Williams (39) admits stealing US trade secrets and selling cyber exploits to a Russian broker. Williams, an Australian national, pleaded guilty to stealing and selling U.S. […]