Aggregator

这段时间里，小编一直在默默探索、筛选和筹备，想为大家推荐一份好的的报告。

French judicial authorities, in collaboration with Europol, have launched a so-called "disinfection operation" to rid compromised hosts of a known malware called PlugX. The Paris Prosecutor's Office, Parquet de Paris, said the initiative was launched on July 18 and that it's expected to continue for "several months." It further said around a hundred victims located in France, Malta, Portugal,

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that targets Apple macOS systems with the goal of stealing users' Google Cloud credentials from a narrow pool of victims. The package, named "lr-utils-lib," attracted a total of 59 downloads before it was taken down. It was uploaded to the registry in early June 2024. "The malware uses a

Найдена система, контролирующая боль без лекарств.

Ученые научились создавать дешевые и компактные титан-сапфировые лазеры.

一周情报速览

一、脚本的语法格式 大小写敏感 缩进：使用缩进表示层级关系,YAML 使用空格进行缩进，通常每个缩进级别为两个空格。 键值对：YAML 通过键值对来存储数据，键和值之间用冒号 : 分隔。 列表：使用短横线 -来表示列表中的项。 注释：以 # 开头的行是注释。 字符串：字符串可以不使用引号，也可以使用

点击上方「蓝字」关注我们2023年，某地公安破获了一起涉案金额高达1800万的黑产平台推手引流案。

Linux破解root密码---精读篇（值的收藏）

马斯克旗下 X 承认曾发生安全事故；小米 SU 7 上市 3 个多月，已交付 3 万多台；智谱 AI 上线 AI 生成视频模型清影

Google addressed a Chrome’s Password Manager bug that caused user credentials to disappear temporarily for more than 18 hours. Google has addressed a bug in Chrome’s Password Manager that caused user credentials to disappear temporarily. An 18-hour outage impacted Google Chrome’s Password Manager on Wednesday, impacting users who rely on the tool to store and […]

Google says it recently fixed an authentication weakness that allowed crooks to circumvent email verification needed to create a Google Workspace account, and leverage that to impersonate a domain holder to third-party services that allow logins through Google's "Sign in with Google" feature.

Several vendors for consumer and enterprise PCs share a compromised crypto key that should never have been on the devices in the first place.

Researchers track the healthcare sector as experiencing the biggest financial losses, with banking and transportation following close behind.

The campaign is laser-targeted, bucking the trend of "spray-and-pray" malicious open source packages turning up in code repositories seemingly every other day.

The cybersecurity firm says that 97% of sensors are back online, but some organizations continue to recover, with costs tallied at $5.4 billion for the Fortune 500 alone.

The individual is part of a DPRK-backed group known as Andariel, which is known for using the 'Maui' ransomware strain to target and extort healthcare entities.

Background Docker released an advisory on July 23, 2024, addressing a vulnerability in the authorization plugins (AuthZ) used to control […]

The post CVE-2024-41110: Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins appeared first on HawkEye.