Aggregator
CVE-2025-69097 | WPLMS Plugin up to 1.9.9.5.4 on WordPress denial of service
CVE-2025-69099 | North Plugin up to 5.7.5 on WordPress deserialization
CVE-2025-69095 | Reservation Plugin up to 1.7 on WordPress Setting authorization
CVE-2025-14693 | Ugreen DH2100+ up to 5.3.0 USB symlink (EUVD-2025-203318)
CVE-2025-14187 | UGREEN DH2100+ up to 5.3.0.251125 nas_svr /v1/file/backup/create handler_file_backup_create path buffer overflow (EUVD-2025-201596 / CNNVD-202512-829)
CVE-2025-14188 | UGREEN DH2100+ up to 5.3.0.251125 nas_svr /v1/file/backup/create handler_file_backup_create path command injection (EUVD-2025-201598 / CNNVD-202512-827)
PackageGate bugs let attackers bypass protections in NPM, PNPM, VLT, and Bun
Yubico extends hardware passkey deployment options
Yubico announced a significant expansion of YubiKey as a Service, introducing new capabilities that make modern organizations more agile and cyber resilient. With new Self-Service Ordering of YubiKeys enabled through a more streamlined Customer Portal, organizations can deliver phishing-resistance company-wide. Designed to enable the rollout and management of YubiKeys at a global scale, these enhancements enable organizations to move towards passwordless authentication with hardware passkeys. “As the cyber threat landscape continues evolving with AI-driven attacks, …
The post Yubico extends hardware passkey deployment options appeared first on Help Net Security.
Cybersecurity Information and Trends Weekly, 2026 Issue No. 4 (January 19 to January 25)
[Vulnerability Advisory] Microsoft Office Security Feature Bypass Vulnerability (CVE-2026-21509)
Pwn2Own Automotive 2026 concludes: 76 zero-day vulnerabilities exploited, researchers take home over a million dollars in prizes
The Pwn2Own Automotive 2026 hacking contest has officially concluded. Over the course of the event, security researchers successfully exploited 76 zero-day vulnerabilities and won a combined $1.047 million in prize money.
This year's contest focused on automotive technology and was held alongside the Automotive World trade show in Tokyo, Japan.
Throughout the competition, the hackers targeted fully patched in-vehicle infotainment (IVI) systems, electric vehicle (EV) charging stations, and automotive operating systems such as Automotive Grade Linux.
Under the contest rules, vendors have 90 days to develop and release security fixes for the zero-day vulnerabilities exploited and reported during the event before they are publicly disclosed.
The Fuzzware.io team won the contest with a total of $215,000 in prizes, followed by the DDOS team with $100,750 and the Synacktiv team with $85,000.
Pwn2Own Automotive 2026 leaderboard
Reportedly, on day one the Fuzzware.io team earned $118,000 by compromising the Alpitronic HYC50 charging station, the Autel charger, and the Kenwood DNR1007XR navigation receiver.
On day two they received a further $95,000 for demonstrating multiple zero-days in the Phoenix Contact CHARX SEC-3150 charging controller, the ChargePoint Home Flex charger, and the Grizzl-E Smart 40A charger. On the final day of the contest, their attempt to gain root on the Alpine iLX-F511 multimedia receiver ended in a "bug collision" with a previously known vulnerability, earning them an additional $2,500.
The Synacktiv team also took $35,000 on the first day, chaining an out-of-bounds write with an information leak to compromise the Tesla infotainment system over the USB interface.
Looking back, at Pwn2Own Automotive 2024 hackers demonstrated 49 zero-days, hacked Tesla vehicles twice, and won a total of $1,323,750; at last year's (2025) event, security researchers exploited 49 zero-days to win $886,250.
Volante’s Multi-cloud Resiliency Service keeps payments running during cloud outages
Volante Technologies announced the launch of its Multi-cloud Resiliency Service, engineered to keep financial institutions’ payment operations running seamlessly during major cloud provider outages. Built on Volante’s cloud-native payments platform, the service provides cross-cloud continuity, eliminating single-cloud/provider dependency for the payments layer. Recent large-scale outages across hyperscale cloud providers have demonstrated the real-world impact of cloud concentration risk for banks: delayed or failed transactions, SLA penalties, customer churn, operational recovery costs, and reputational damage. While …
The post Volante’s Multi-cloud Resiliency Service keeps payments running during cloud outages appeared first on Help Net Security.
A Step-by-Step Guide to Writing a Decompiler for a Certain Vendor's Slider CAPTCHA JSVMP (As Easy to Digest as Baby Food)
It Is Now Harder to Hack You (But That Is Not Certain): WhatsApp Gets a Mega Security Button
Pondurance RansomSnare blocks file encryption and data exfiltration
Pondurance launched RansomSnare, a new module for its MDR service that halts ransomware attacks at the moment the malicious process attempts to encrypt files and prevents threat actors from exfiltrating sensitive data. RansomSnare is a next-generation ransomware prevention capability that works by immediately suspending a malicious process the moment it attempts to encrypt its first file—long before traditional tools would detect or react to the attack. Unlike signature-based or behaviorally trained controls, RansomSnare requires no …
The post Pondurance RansomSnare blocks file encryption and data exfiltration appeared first on Help Net Security.
WhatsApp rolls out new security feature to protect users from sophisticated attacks
To add an extra layer of protection to its end-to-end encryption, WhatsApp has begun rolling out a new privacy and security feature called Strict Account Settings. It is designed to help users protect their accounts from sophisticated cyberattacks. “We think you should be able to have a private conversation online, just like you would in-person. We will always defend that right to privacy for everyone, starting with default end-to-end encryption,” the company said in a blog …
The post WhatsApp rolls out new security feature to protect users from sophisticated attacks appeared first on Help Net Security.
Chinese National Jailed to 46 Months for Laundering Millions of Dollars Stolen from American Investors
A Chinese national named Jingliang Su has been sentenced to 46 months in prison for his involvement in a major cryptocurrency fraud scheme targeting American investors. On January 27, 2026, federal courts ordered Su to serve his sentence and pay $26.9 million in restitution to victims. The case represents a significant law enforcement victory against […]
The post Chinese National Jailed to 46 Months for Laundering Millions of Dollars Stolen from American Investors appeared first on Cyber Security News.